80 Sony IP CCTV Camera Models Are Affected With Two Secret Backdoors

Most of the private and government organizations are using IP-based security camera to keep their eye on sensitive places such as server rooms. According to a report of Austria-based security firm SEC Consult, hackers could compromise IP-based cameras of “Sony” companies because two backdoor accounts are available in their current firmware version. Around 80 models of Sony IP cameras contains these backdoor accounts. Hackers could exploit this security flaw and can easily compromise this camera by using a strong botnet. As you know, Mirai Botnet is a powerful botnet which can easily compromise poorly configured IoT devices.

Two Backdoor Accounts Are Available

According to security researchers of SEC Consult, One backdoor account is available in the Web Interface of Sony’s current IP camera firmware version. This backdoor is set of hardcoded credentials, which is allowing hackers to enable Telnet service of cameras by sending remote requests.

The second backdoor is also a hard coded password which could be used by hackers to gain the root access of devices. After getting root access, they can fully control the devices over Telnet. This password string is available in a cryptographic hash and it is possible to crack it by spending some time on it.

How is it possible?

SEC Consult said that these backdoors had been created by the official developers of Sony. Not a single footprint of third party programmer has been identified by the security researchers of SEC Consult. It seems like, developers had created these backdoors to debug the device during testing and they forget to remove both of the backdoors from the firmware.

What Hackers Can Do By Hacking These Cameras?

Hackers could enable Telnet service of devices and can access them over the internet or over the local area network. Hackers can convert these cameras into bots by infecting them with a strong botnet such as Mirai Botnet to perform DDoS (Distributed Denial of Service) Attack on major networks and companies. Hackers could also disrupt working functionality of cameras. Hackers could spy on all those networks which are under Electronic surveillance. Moreover, hackers could send specially crafted videos and images to the control room.

Vulnerable Models of Sony IP Camera

SNC-CH115

SNC-CH120

SNC-CH160

SNC-CH220

SNC-CH260

SNC-DH120

SNC-DH120T

SNC-DH160

SNC-DH220

SNC-DH220T

SNC-DH260

SNC-EB520

SNC-EM520

SNC-EM521

SNC-ZB550

SNC-ZM550

SNC-ZM551

SNC-EP550

SNC-EP580

SNC-ER550

SNC-ER550C

SNC-ER580

SNC-ER585

SNC-ER585H

SNC-ZP550

SNC-ZR550

SNC-EP520

SNC-EP521

SNC-ER520

SNC-ER521

SNC-ER521C

SNC-CX600

SNC-CX600W

SNC-EB600

SNC-EB600B

SNC-EB602R

SNC-EB630

SNC-EB630B

SNC-EB632R

SNC-EM600

SNC-EM601

SNC-EM602R

SNC-EM602RC

SNC-EM630

SNC-EM631

SNC-EM632R

SNC-EM632RC

SNC-VB600

SNC-VB600B

SNC-VB600B5

SNC-VB630

SNC-VB6305

SNC-VB6307

SNC-VB632D

SNC-VB635,

SNC-VM600

SNC-VM600B

SNC-VM600B5

SNC-VM601

SNC-VM601B

SNC-VM602R

SNC-VM630

SNC-VM6305

SNC-VM6307

SNC-VM631

SNC-VM632R

SNC-WR600

SNC-WR602

SNC-WR602C

SNC-WR630

SNC-WR632

SNC-WR632C

SNC-XM631

SNC-XM632

SNC-XM636

SNC-XM637

SNC-VB600L

SNC-VM600L

SNC-XM631L

SNC-WR602CL

All the above metioned models of Sony cameras are affeted with backdoor. The Censys.io is a search engine, which allows computer researchers to search those devices which are composing the internet. A search of “Censys.io” shows that more than 4000 Sony IP-based cameras are connected to the internet. There are much more which are vulnerable in actual.

Solution

If you are a user of Sony IP Cameras, then update the firmware version of your devices as soon as possible. An update has been released by Sony to fix this security issue. Don’t forget, hackers are focusing on IoT devices these days to perform large scale DDoS type attacks. It is happening from the day one since the source code of Mirai Botnet had been released by its owner publically.

Simialar Articles: