chushpan
Professional
- Messages
- 996
- Reaction score
- 844
- Points
- 93
A number of recent reports have suggested that webcams and IP cameras are key enablers in devastating cyberattacks, giving hackers a springboard to spread malware.
A ransomware gang gained initial access and deployed their tools, but hit a wall when the antivirus solution quarantined the files. Luckily, they spotted a webcam on the network. A report from the S-RM team found that Akira ransomware, which accounts for about 15% of incidents, compromised a webcam and used it to bypass endpoint detection and response (EDR) systems.🗞 “The EDR tool detected and quarantined the ransomware binary, preventing Akira from deploying the malware to the victim’s environment. Unable to resist, the threat agent scanned the network and discovered an unprotected webcam on the same network”, the report published last week said.
The hackers scanned the network during the initial stages of the attack and found several IoT (Internet of Things) devices, such as a fingerprint scanner and a vulnerable webcam.
The webcam had critical flaws that allowed remote code execution and unauthorized remote viewing. The device ran a lightweight Linux operating system without antivirus software. Akira used it to deploy a Linux ransomware variant and encrypt files on the victim’s network.
