Cameras are among the few devices that don’t connect to the internet, so you’d think they’d be immune to hackers. However, researchers have discovered that some DSLRs and mirrorless cameras are actually vulnerable to ransomware attacks, of all things. Once in the range of your camera’s WiFi, a bad actor could easily install malware that would encrypt your valuable photos unless you paid for a key.
Check Point Software noticed that the Picture Transfer Protocol (PTP) — which is unauthenticated in both wired and wireless modes — is particularly vulnerable to malware attacks. Ironically, they were able to uncover flaws in the Canon EOS 80D by using firmware originally cracked by Magic Lantern, which supplies its own open-source app with extra features to Canon EOS owners.
In a video, the researchers showed how they first set up a rogue WiFi access point. Once the attackers were in the range of the camera, they ran an exploit to access the camera’s SD card and encrypt any photos. The surprised owner would then see a message that his pictures are no longer available unless he’s willing to pay a ransom.
Check Point notes that cameras are a great attack target because they contain valuable personal photos that folks would be willing to pay for. It disclosed the vulnerability to Canon in March, and last week, Canon issued an advisory telling folks to avoid unsecured WiFi, turn off network functions and install a new security patch.
The issue affects most of Canon’s camera lineup, from the EOS 70D to the mirrorless EOS R. It might not be limited to Canon, either, as Check Point told The Verge that other manufacturers, which use the same PTP protocol, could also be vulnerable.