Railfan Technology > DSLR Cameras Can Be Infected With Ransomware

"Ransomware is a very lucrative business for those distributing it, and it seems there's no limit to the devices they'll attenpt to infect. The latest to be targeted? Your DSLR camera.
 
As Check Point Research reveals, digital cameras are a great choice for ransomware as they typically contain photos that are of high value to the owner. Maybe it's an album of photos from a recent holiday, a wedding, or some other event we'd all hate to lose the memory of. In other words, we'd be more willing to pay to get them back."
 

https://www.pcmag.com/news/370123/dslr-cameras-can-be-infected-with-ransomware
 

It's really a non-issue for the overwhelming majority who don't connect their cameras to unknown WiFi networks.

What is so amazing is that, one they can seem to do wonders making new apps as they are called but not keep someone out of your computer thing ever what that might be, two find those who recieve the money. Social meda is such a wonderful thing then you  have the big scam of go fund me, should be please line my pockets when you give thru our site.  Guess I am just an old fart that is not on some device 24/7 even while eating.

LiveWire2 Wrote:
-------------------------------------------------------
> It's really a non-issue for the overwhelming
> majority who don't connect their cameras to
> unknown WiFi networks.

Do you have figures to back that up? I happen to know for a fact that Sony cameras (at least a certain type used where I work) by default out of the box attempt to connect to any available WiFi network to connect Sony servers UNLESS you specificly turn that "feature" off. 

So just turn it off.

jst3751 Wrote:
-------------------------------------------------------
> LiveWire2 Wrote:
> --------------------------------------------------
> -----
> > It's really a non-issue for the overwhelming
> > majority who don't connect their cameras to
> > unknown WiFi networks.
>
> Do you have figures to back that up? I happen to
> know for a fact that Sony cameras (at least a
> certain type used where I work) by default out of
> the box attempt to connect to any available WiFi
> network to connect Sony servers UNLESS you
> specificly turn that "feature" off. 

Bob Wilcox
Charlottesville, VA
My Flickr Shots

This is some of the attention grabbing shock-type headlines coming out of the recent Black Hat cybersecurity conference in Las Vegas. They also noticed that the Aps and software updates from the multitude of approved sources, including the OEM, have flaws and backdoors that are being discovered as time passes. The encryption threat scenerio can be minimized by backing up your data at appropriate intervals, the SD memory cards would, in theory, be checked and sanitized when they are plugged into a protected Desktop, or similar.

Of course this assumes an amount of responsible understanding of modern devices, updating Security S/W and backing up your data. Despite attempts to ignore those bad guys, there really are people out there who want to steal your lunch, or maybe just sell your anonymous data to Retailers. Something as simple as how many Nikons or Canons visit the Grand Tetons can become of value, easily picked up from errant Wi-fi in downtown and then sold as a Consultant Summary.

+ Yep, agree, turn it off. This also works for a smart phone and helps extend a battery charge, turn it back on when you want to check something, or using GPS logging, or wanting to be found. Suggest turning off Wi-fi, data and GPS location unless you really want to be giving personal info away.



Edited 2 time(s). Last edit at 08/12/19 13:39 by TCnR.

I think my ex-wife is trying to take over and control my camera. She didn't like the NS and everytime I go to shoot it, weird things happen.

Such as: 
On a perfectly sunny day, clouds all of a sudden cover the sun as a real good train comes.
I wait hours and no trains come, but I go to 7-11 for a soda and I miss multiple trains.
I send photos to the leading magazines who tell me they will publish all of them. Then days later, they say they can't use them.
There are other scenarios, but I can't elaborate at this time.

Hope this helps!

btw, "Ransomware" is an extortion plot where the hacker turns on the encryption or perhaps just changes the log-in and then says they will tell you the password for a price. Easily done if there is a log-in but you haven't filled in the blanks to make it work, or use the password/password trick. In most cases they take the money but don't explain how to free-up the file or device.

"Alimony-ware" is the extortion-plot as explained in the above post.

overniteman Wrote:
-------------------------------------------------------
> I think my ex-wife is trying to take over and
> control my camera. She didn't like the NS and
> everytime I go to shoot it, weird things happen.
>
> Such as: 
> On a perfectly sunny day, clouds all of a sudden
> cover the sun as a real good train comes.
> I wait hours and no trains come, but I go to 7-11
> for a soda and I miss multiple trains.
> I send photos to the leading magazines who tell me
> they will publish all of them. Then days later,
> they say they can't use them.
> There are other scenarios, but I can't elaborate
> at this time.
>
> Hope this helps!

Very funny! :-)

bobwilcox Wrote:
-------------------------------------------------------
> So just turn it off.
>
> jst3751 Wrote:
> --------------------------------------------------
> -----
> > LiveWire2 Wrote:
> >
> --------------------------------------------------
>
> > -----
> > > It's really a non-issue for the overwhelming
> > > majority who don't connect their cameras to
> > > unknown WiFi networks.
> >
> > Do you have figures to back that up? I happen
> to
> > know for a fact that Sony cameras (at least a
> > certain type used where I work) by default out
> of
> > the box attempt to connect to any available
> WiFi
> > network to connect Sony servers UNLESS you
> > specificly turn that "feature" off. 

Love it when people make comments about something, and the comment has absolutly nothing to do with the subject at hand.

The newer cameras do have software that can be updated, so it's pretty straight forward for them to be seeking a Wi-Fi connection to the Factory database.

It's pretty well known that the factories make mistakes on their software updates. Microsoft is famous for late Summer updates full of mistakes, because the regular staff was on Vacation and the updates were not properly tested. Many people prevent updates until they can verify, through the media (ie CNet, Consumer Reports, etc ), that the update is good. Another reason to turn off Wi-fi.

jst3751 Wrote:
-------------------------------------------------------
> Love it when people make comments about something,
> and the comment has absolutly nothing to do with
> the subject at hand.

Heh. I can go off topic, too.

Most consumers don't go through the menus to "harden" the security features of their devices, so your post is a reminder for people to be alert ("more cynical") and do so, starting with reading the manual.

Ransomware requires code execution to work, and unfortunately, devices that allow for "automatic updates" are the most vulnerable. It's implied in the article, so I'll repeat it. Merely transferring photos by WiFi is not enough for ransomware to infect.

Anyway, the better advice than the snarky "turn it off" is to disable automatic updates for ANY electronic device, camera or not. FYI, anti-malware software in more sophisticated devices block unauthorized code executions. Obviously such software isn't "running in the background" on cameras.

This is a PTP (Picture Transfer Protocol) vulnerability, in my opinion. PTP was designed primarily for file transfers (safe), not firmware updates. Looks like some naive software developers got "clever" and decided to use PTP for purposes outside its intended function. Happens all the time with "innovation." :-)