Security researcher installs ransomware on Canon camera

A security researcher from Check Point Software Technologies has demonstrated a technique that makes it possible to install ransomware on a Canon DSLR. The demonstration can be seen in a video.

The security researcher, Eyal Itkin, specifically infects a Canon EOS 80D.

In the digital camera there appears to be a vulnerability in the picture transfer protocol (PTP), writes Silicon Angle. PTP is a protocol used to transfer images from a digital camera to computers. The protocol supports both USB cables and wifi connections for this purpose.

PTP is an unverified protocol that can support multiple data streams. That includes rogue commandos. In the video Itkin shows how he can infect the camera in less than 60 seconds.

Infecting

Itkin does this by turning on the camera, taking pictures and using a laptop to connect to the wifi access point on the device. It then uploads ransomware via the connection to the camera. The photos are encrypted and a ransomware message appears.

Our research shows how an attacker who is nearby or an attacker who has already taken over our PC can also infect our beloved cameras with malware, according to Itkin.

Imagine how you would react if attackers infected both your computer and the camera with ransomware, holding all your photos hostage until you pay a ransom.

Patch

Check Point Software Technologies informed Canon of the problem before the video was made. This was on March 31st. Canon has now published a security advisory, as well as a patch.

However, the patch must be installed by updating the software on the camera. Not all users do this.

Although the vulnerability was demonstrated on a Canon EOS 80D, it is also present on other cameras of the company. Moreover, the error is not exclusive to Canon, but also occurs on cameras from other manufacturers.