Security Researcher Mike Olsen has accused Amazon for selling security cameras filled with malware. In general, all those devices connected to internet are always prone to malware and ransomware (the latest). As soon as the hackers find a weak access point they immediately use the access point for their own motives.
But according to the latest blog post of Mike, the security surveillance cameras sold on Amazon are being offered with pre-loaded malware. When Mike ordered for a decent set of Sony outdoor security cameras sold by Urban Security Group, the purchased kit came in with malware. This was discovered by Olsen at the time of setting up the surveillance system, logging into the admin panel and configuring it.
According to the researcher, the page which hosted the camera feed had no normal controls or settings available to him. Mike then went ahead and opened up the developer tool and found that at the bottom of the body tag was an iframe linking to a host name “Brenz.pl” which is a malware distributing resource which was shut down in 2009 and reemerged in 2011.
Mike added that the said web domain as a malicious sources and scans reveal that Trojans and Viruses may be hosted by Brenz.pl
What’s more threatening is that the device firmware links to this domain, and so users who are about to download the latest version of firmware will instead get malware leading to data theft at some point of time.
If that’s the case, then all those security cameras users will either become a victim of ransomware or will see their security camera videos live on internet causing embarrassment.
When Amazon was contacted on this issue, they responded that they are just sellers of the product and would not like to involve in other issues.