Recently, Eyal Itkin, Check Point Security researcher discovered some critical vulnerabilities which infect a Canon EOS 80d with ransomware. It seems that the days are gone where ransomware could only infect desktops and laptops.
Eyal Itkin started monitoring the camera after it was connected to a computer with the help of a USB cable. Itkin identified some weakness in the interaction of Canon camera with the Picture Transmission Protocol (PTP) as soon as the EOS Utility software fired up to communicate with the camera.
Experienced Itkin easily stole the encryption keys used by Canon to verify firmware updates and with those, he created a malicious firmware update and linked it to the camera. According to Itkin, the whole process was invisible which means if it was your computer and your camera, you wouldn’t have had any idea what is going on!
The last stage of the ransomware attack encrypts all media (photos and videos) and issues a ransom demand right on the camera’s built-in display. However, Itkin did not stop there, he went beyond this. Eventually, he has found a way to compromise the same camera over a wireless network. A switch to wireless communication simply crashed the camera initially but later, he found a way to deliver the same malicious ransomware update without any cable or EOS Utility app.
According to Itkin, though it might be annoying if a hacker did that to your camera, that’s not dangerous at all.
Last March, Check Point informed Canon about the vulnerabilities and by mid of May it was validated by the company. As of now, an official firmware update available to Canon EOS 80D camera owners around the globe.
Though Canon still claims that there is no evidence of any wild attacks, Itkin’s video points out two things: firstly to run all your devices in the latest update available and secondly, to connect with only trusted wireless networks.
Watch the video of how the researchers exploited the DSLR camera,