Vectra Networks researchers today released an article demonstrating how they turned a $30 D-Link Wi-Fi webcam into a backdoor onto its owner’s network. Installing a device like a networked webcam may seem like a riskless action, but when the device can allow hackers to access the same network it becomes far more worrying.
Typically, attacks on Internet of Things devices are considered a waste of time due to their lack of valuable onboard data and lack of resources to manipulate. Vectra showed that should hackers focus on and be able to compromise a device’s flash ROM, they could replace the running code with their own tools such as those to create a backdoor. It doesn’t have to be a remote hack either, with the report stating “Once we have such a flash image, putting it in place could involve ‘updating’ an already deployed device or installing the backdoor onto the device somewhere in the delivery chain – i.e. before it is received and installed by the end customer.”
The first step of the attack on the webcam was to dump the flash memory from the device for analysis. It could then be determined that the ROM contains a u-boot and a Linux kernel and image with software used to update the firmware. With this, the steps used to verify firmware updates could be reverse engineered to allow it to accept a rogue update containing a Linux proxy service while also disabling the ability to reflash in future so the back door could not be removed. With all this in place, the hacker would be able to inject his own attacks into the rest of the network and use it as a pipeline to extract stolen data.
Such a compromise would be incredibly hard to detect by the user as long as the backdoor code did not interfere with the device’s normal operations. Even then, there would be no way for the device to be recovered and would instead have to be disposed of and replaced with a clean one. D-Link is yet to issue a patch for this vulnerability, but it is not expected they will, as a true fix would require specialist chips to verify updates or a Trusted Platform Module.
It is worrying that as we bring so many more tiny networked computers into our homes, they are far more of a risk than they seem. Vulnerabilities in even the smallest network device can compromise the security of an entire network and should not be overlooked.
According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…
A new AMD processor in the form of an engineering model has been leaked in…
SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…