More and more glued-on lenses show it clearly: The reports on hijacked camera systems, which allow hackers access to private settings, have made many users sensitive.Now there is a possibility that there is a critical vulnerability in the cloud connectivity of Samsung IP camera that allows full access and even device destruction.

Samsung IP Camera

Webcams and other Internet-connected camera systems have made headlines over the past few years, as developers have not provided enough protection against attacks. As Kaspersky reports, it has discovered serious gaps in the IP camera SNH-V6410PN / PNW. It is a  widespread model is distributed in Europe by Samsung. As the security researchers say, the analysis suggests that it affects all devices connected to the manufacturer’s cloud service.

Also Read: Samsung Galaxy S9 Review: A Smartphone Close to Perfection

According to Kaspersky, the described attack on the cameras requires the attackers to know serial numbers of devices – a targeted attack on individual models would mean a higher level of research effort. However, such serial numbers are very easy to get, the experts say. In the first sample around 2000 cameras worldwide could be identified in the network, which could be controlled via the gap.

Also Read: Samsung Experience App lets you enjoy the S9 ad S9+ to the fullest

If such a camera is identified by an attacker, the latter can access video and sound in real time or even play sounds via the built-in speaker. In addition, it is possible to completely disable or even permanently destroy the devices. Since own code can be inserted at will, the integration into an IoT botnet is also possible. The Korean manufacturer Hanwha Techwin (former Samsung subsidiary) has promptly responded to Kaspersky’s advice and stated that “in the near future” it will close all gaps in its cameras.

Also Read: 8 Differences between Samsung Galaxy S8 and S9 that you might have missed out

Specifically, the problem is apparently due to an insecure connection of the cameras to the cloud service of the manufacturer. The Linux-based ARM devices are connected to the user via an app to the wireless router and can then be managed and controlled via the cloud. As explained in the report, the manufacturer uses a Jabber server on which chat rooms are set up for each camera type. Cameras with an online connection are logged in the corresponding chat room and wait for commands. The problem: The Kaspersky researchers were able to set up any new users on the server and thus gain access to third-party cameras.


Leave a Reply