$30 webcam spun into persistent network backdoor

Vectra Networks security wonks have spun a cheap webcam into a backdoor to persistently p0wn PCs.

The junk hacking expedition led Vectra's chief security chap Gunter Ollman into the internals of the D-Link DCS 930L, a network camera that can be had for US$30.

The attacks are useful as an alternative backdoor for targeted attackers who already have access to a machine, or for those capable of compromising a device before it is installed by the user.

It is not something users should expect to surface in the wild and is rather an example of the risks posed by internet-of-things devices.

Ollman dumped and reflashed the camera's firmware so that it opened a remote backdoor that was difficult to detect and did not affect normal operation.

The update feature was also removed, preventing the backdoor from being lost through patches.

"The irony in this particular scenario is that WiFi cameras are typically deployed to enhance an organisation's physical security, yet they can easily become a network security vulnerability by allowing attackers to enter and steal information without detection," Ollmann says.

"Consumer-grade internet-of-things products can be easily manipulated by an attacker, used to steal an organisation's private information, and go undetected by traditional security solutions.

"While many of these devices are low-value in terms of hard costs, they can affect the security and integrity of the network, and teams need to keep an eye on them to reveal any signs of malicious behaviour."

D-Link has not fixed the vulnerability but researchers do not expect a patch will be forthcoming. A fix would require a Trusted Platform Module or specialised chip to verify software updates.

Hardware analysis complete with Leatherman-sliced hand is available for engineer's viewing pleasure. ®