Digital cameras use Picture Transfer Protocol (PTP) to transfer digital files and the firm's researchers discovered how to exploit vulnerabilities in the protocol to infect a camera with ransomware, which they showed off at this year's Defcon security conference. Ironically, they were able to uncover flaws in the Canon EOS 80D by using firmware originally cracked by Magic Lantern, which supplies its own open source app with extra features to Canon EOS owners.
Security firm Check Point Research made a decision to explore how straightforward it might be for someone with nefarious intent to compromise a camera, and discovered that it wasn't as hard as you might hope. "Such an infection could, for example, be used for installing a Ransomware on the camera, and demanding ransom for both the images and the camera itself". "Attackers can inject ransomware into both the camera and PC", Itkin added.
Demonstrated by a security researcher from Check Point Software Technologies Ltd., the technique involves exploiting a vulnerability in the picture transfer protocol used in a Canon EOS 80D digital camera.
Since the protocol is standardized and embedded in other camera brands, Check Point believes "similar vulnerabilities can be found in cameras from other vendors as well", the statement said. After digging in, the researchers found critical vulnerabilities in the Picture Transfer Protocol.
Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
For now, PetaPixel reports that Canon DSLR users with WiFi equipped cameras are being advised to disable the camera's network functions when they are not being used. Following this, they accessed the PTP layer that had various PTP handlers (around 148), making the functionality highly vulnerable to malicious attacks. As such, we recommend visiting the support section of the website for your camera to see if a firmware update is available. Or if it's even possible to fully format the memory card after this encryption goes live?
Check Point disclosed the vulnerabilities to Canon, which has issued a security update for its devices.
This site contains affiliate links to products.