Check Point Research Discovers Ransomware WiFi Vulnerabilities on Canon DSLR Camera

In the age of smart devices, any product connected to the internet is susceptible to malicious attacks -- even cameras.

Case in point: a recently discovered exploit on Canon's EOS 80D DSLR that could make the device vulnerable to a ransomware attack. For those unfamiliar with the term, ransomware is malware designed to prevent users from accessing their data unless the user pays the hacker a fee. Likewise, ransomware attacks can also involve hackers threatening to publicly release a user's private data unless the hacker is paid.

As reported by Lensvid, the Canon EOS 80D DSLR ransomware process was recently developed by Check Point Research and demoed at the DEF CON 2019 Hacking Conference in Las Vega, revealing how a hacker could encrypt the camera's photos by using the device's WiFi connection. Check out the video below for a demonstration of the ransomware attack in action.

The exploit employed by Check Point Research utilized vulnerabilities found in the EOS 80D, particularly related to its Picture Transfer Protocol, to develop ransomware that uses the same cryptographic functions as the camera's firmware update process. With the ransomware in hand, all an attacker has to do to deploy the attack is set-up a rogue WiFi Access Point. After being initiated, the ransomware can then encrypt pictures stored on the hacked camera and present the user with a message detailing the attacker's payment demands.

Thankfully, Check Point Research shared their findings with Canon before the conference and the company has since released a firmware update to secure the EOS 80D from the exploits used in the demonstration. In addition, Canon also released other suggested workarounds for the problem which can all be viewed HERE.

Though there is no reason to believe that this exploit was ever actually used for malicious purposes before being fixed, demonstrations like this serve as important reminders about the vulnerabilities our connected devices and private data face. Likewise, Check Point has concluded that similar PTP exploits may continue to exist in other camera models across different brands.

Sources: Lensvid, Check Point Research