Researchers create ransomware that encrypts your DSLR camera photos

Ransomware is usually associated with PCs run in the bowels of some antiquated IT department. Now, however, researchers have figured out how to move the stuff onto your DSLR – with catastrophic results.

The ransomware essentially infects a high end camera and then encrypts all of the photographs on the card. Check Point has create a proof-of-concept that lets hackers connect to a camera via Wi-Fi and inject the code, essentially shutting down the camera until a ransom is paid. They write:

Our research shows how an attacker in close proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware. Imagine how would you respond if attackers inject ransomware into both your computer?and?the camera, causing them to hold all of your pictures hostage unless you pay ransom.

The researchers used an open source OS for the Canon EOS 80D, by probing it for exploits, were able to upload the ransomware and activate it. Once a malicious payload is uploaded wirelessly the camera will load it automatically and go into lockdown. “There is a PTP command for remote firmware update, which requires zero user interaction,” wrote the researchers. “This means that even if all of the implementation vulnerabilities are patched, an attacker can still infect the camera using a malicious firmware update file.”

The result? Your camera is toast unless you pay up.

Luckily this is just a proof-of-concept and the attack isn’t in the wild yet. That said, keep your camera close by when you’re in sketchy areas. You never know when a hacker might strike.

John Biggs

John Biggs is an entrepreneur, consultant, writer, and maker. He spent fifteen years as an editor for Gizmodo, CrunchGear, and TechCrunch and has a deep background in hardware startups, 3D printing, and blockchain. His work has appeared in Men’s Health, Wired, and the New York Times.

View all posts by John Biggs →

Leave a Reply

Your email address will not be published. Required fields are marked *