Your camera could be hit by encrypting camera ransomware

While your DSLR may not be connected to the internet, it still is vulnerable to ransomware. According to researchers, camera ransomware is a thing.

Researchers from Check Point Software have discovered that some DSLRs and mirrorless cameras are vulnerable to ransomware attacks. If your camera has WiFi capabilities, a hacker can get into your camera and install malware that will encrypt photos, unless you have paid for a key.

They noticed the Picture Transfer Protocol (PTP) is particularly vulnerable to malware attacks. It’s unauthenticated in both wired and wireless modes. In tests, they were able to uncover flaws in the Canon EOS 80D by using firmware.

The test

In the video above, the researchers demonstrated how they were able to set up a rogue WiFi access point. Once the attackers are in range of the camera, they can run an exploit to access the camera’s SD card and encrypt any photos.

Sadly, after this all is done, the owner will receive a message telling him or her the camera’s pictures are no longer available unless he or she pays a ransom.

Why use camera ransomware?

Photos are very precious to photographers. Check Point says that cameras are a great attack target because they contain valuable personal photos. The attacked are also willing to pay to get them back. It’s an easy way for attackers to make cash.

How to prevent this from happening?

This issue turns out to affect Canon cameras most; that includes the EOS 70D as well as the mirrorless EOS R. Canon has issued an advisory telling users to avoid unsecured WiFi. The company also advises customers to turn off network functions and install a new security patch.

It isn’t just limited to Canon though. Check Point says that many other manufacturers that use the same PTP protocol could be vulnerable to camera ransomware.

Sean Berry
Sean Berry
Sean Berry is Videomaker's Managing Editor.

Related Content