by Shannon Morse, Threatwire  

Millions of baby monitors, webcams, security cameras, DVRs, and smart doorbells are vulnerable to P2P flaws that would allow an attacker to eavesdrop, steal credentials, or even remotely compromise a device, according to security researcher Paul Marrapese. Marrapese found multiple vulnerabilities in the peer-to-peer communications protocol built into many IoT devices, specifically in iLnkP2P, which is P2P software developed by a China-based technology company. It comes built in on these devices to allow quick and easy remote access via a mobile app. You simply scan a barcode or put in a six-digit ID that’s plastered on the bottom of the device, and tada - your mobile phone can now remotely connect to that IoT device.

But with that convenience also come security flaws. iLnkP2P offers neither encryption nor authentication. It can be enumerated easily too - the UIDs for the devices all start with a unique alphabetic prefix that identifies the manufacturer, and those prefixes are openly published. Devices also feature a heartbeat, which pings the P2P server at timed intervals. Together, these allow a hacker to get a direct connection to the device and bypass any restrictions like a firewall, even going as far as stealing passwords from the devices. The enumeration vulnerability is CVE-2019-11219, while the man-in-the-middle attack against the heartbeat functionality is CVE-2019-11220.

Of the two million devices Marrapese found to be vulnerable with a proof-of-concept script, 39% are in China, 19% in Europe, and 7% are in the US. Brands included iMega Cam, EyeCloud, CoolCamOp, APCamera, and a lot more.

Since many of these will be running on their factory-default passwords with no security in mind, they could easily be susceptible to a hack. And once the attacker has a foothold on these kinds of devices, they can be used as part of a much larger hack such as what we saw with the Mirai botnet.

Marrapese started reaching out to vendors 4 months ago, but they did not respond. He considered remediation unlikely due to the hardcoded UIDs, which cannot be changed, the low likelihood that a user would actually update the software, and logistical issues involving device recalls, since the technology company in question has multiple sub-vendors who then resell the devices with their own branding. And sadly, there is no good way to disable P2P on these devices either.

Network admins could block the IoT devices from communicating with P2P servers by blocking outbound traffic on UDP port 32100. And if you are researching security cameras or baby monitors to buy, avoid these products. Marrapese lists which devices are vulnerable, based on their UIDs, on his website - hacked.camera.
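To see which devices on a network are sending the P2P heartbeat before or after the UDP 32100 block goes in, the gateway's firewall log can be scanned for that port. This is an added example, not code from Threatwire or Marrapese; it assumes netfilter LOG-format lines and a 192.168.1.0/24 LAN, and the sample log (addresses, timing) is constructed.

```python
import ipaddress
import re
import statistics
from collections import defaultdict

P2P_PORT = 32100  # UDP port the article says to block outbound
# Constructed sample in netfilter LOG format, e.g. from a rule such as (assumption):
#   iptables -I FORWARD -p udp --dport 32100 -j LOG --log-prefix "EGRESS "
# All addresses and the 30 s spacing are made up for the example.
SAMPLE_LOG = """\
kernel: [  100.000000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.10 LEN=48 PROTO=UDP SPT=20110 DPT=32100 LEN=28
kernel: [  104.200000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.20 DST=198.51.100.53 LEN=60 PROTO=UDP SPT=40000 DPT=53 LEN=40
kernel: [  105.500000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.77 DST=203.0.113.10 LEN=48 PROTO=UDP SPT=31999 DPT=32100 LEN=28
kernel: [  130.000000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.50 DST=198.51.100.7 LEN=48 PROTO=UDP SPT=20110 DPT=32100 LEN=28
kernel: [  141.000000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=60 PROTO=TCP SPT=51000 DPT=32100 WINDOW=64240 SYN
kernel: [  160.000000] EGRESS IN=br0 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.10 LEN=48 PROTO=UDP SPT=20110 DPT=32100 LEN=28
kernel: [  190.000000] EGRESS IN=eth0 OUT=br0 SRC=203.0.113.99 DST=192.168.1.50 LEN=48 PROTO=UDP SPT=32100 DPT=32100 LEN=28
"""

FIELD = re.compile(r"(\w+)=(\S*)")          # KEY=value pairs in a LOG line
UPTIME = re.compile(r"\[\s*(\d+\.\d+)\]")   # kernel uptime stamp, in seconds

def find_p2p_talkers(log_text, lan="192.168.1.0/24", port=P2P_PORT):
    """Map each LAN host sending UDP/<port> to its servers, packet count and
    median gap between packets (a steady gap suggests a heartbeat)."""
    net = ipaddress.ip_network(lan)
    seen = defaultdict(lambda: {"servers": set(), "times": []})
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        stamp = UPTIME.search(line)
        if f.get("PROTO") != "UDP" or f.get("DPT") != str(port) or not stamp:
            continue
        try:
            if ipaddress.ip_address(f.get("SRC", "")) not in net:
                continue  # only report devices on our own LAN
        except ValueError:
            continue  # malformed or missing SRC
        seen[f["SRC"]]["servers"].add(f.get("DST", "?"))
        seen[f["SRC"]]["times"].append(float(stamp.group(1)))
    report = {}
    for src, e in seen.items():
        times = sorted(e["times"])
        gaps = [b - a for a, b in zip(times, times[1:])]
        report[src] = {"servers": sorted(e["servers"]), "packets": len(times),
                       "median_gap": statistics.median(gaps) if gaps else None}
    return report

if __name__ == "__main__":
    print(find_p2p_talkers(SAMPLE_LOG))
```

Hosts that show up here are the ones to check against the UID list and to keep behind the egress block.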

https://krebsonsecurity.com/2019/04/p2p-weakness-exposes-millions-of-iot-devices/ 

https://www.zdnet.com/article/over-two-million-iot-devices-vulnerable-because-of-p2p-component-flaws/ 

Comments

Anonymous

Ironically, Chrome won't let me get to hacked.camera because of certificate issues.