A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online.
Some footages were published on adult sites, experts reported that crooks are offering lifetime access to the entire collection for US$150.
The news was reported by The New Paper, which also confirmed that over 70 members already paid the US$150 subscription for lifetime access to the loot.
“Clips from the hacked footage have been uploaded on pornographic sites recently, with several explicitly tagged as being from Singapore.” reported The New Paper.”
“The group, which can be found on social messaging platform Discord, has almost 1,000 members across the globe. As of Saturday, it has claimed to have shared more than 3TB of clips with over 70 members who paid a subscription fee of US$150 (S$203) for lifetime access.”
The videos show people of varying ages in compromising positions, in some cases undressed.
Most of the videos appear to belong to people from Singapore, other private footages come from people living in Thailand, South Korea, and Canada.
The gang uses the instant messaging app Discord and has nearly 1,000 members, it focuses on the hacking security cameras.
As proof of the hacks, the gang is offering a free sample containing 700 megabytes worth of data, including over 4,000 clips and pictures. They would also offer access to all hijacked cameras with their customers.
“The group claims to have a list of more than 50,000 hacked cameras that members can access. It also claims that VIP members will be taught how to “explore, watch live and even record” hacked cameras through tutorials and personalised sessions.” continues the article.
The news is not surprising, unfortunately in many cases IoT devices, including IP cameras, are deployed without proper security measures.
At the time of publishing this post, it is still unclear how the hackers compromised the IP cameras, likely hackers exploited some vulnerabilities in the devices or simply guessed weak passwords used to protect them.
Let’s remind that accessing these IP cameras could be considered a serious crime, where the victims are under the age of 16, the users could be charged for child pornography.
“As worrying as it may seem, this comes as a clear reminder that when cameras are placed on the internet, they must be properly installed with security in mind. When smart devices are set up, they are still regularly placed around the home with no second thought for privacy,” said ESET Security Specialist Jake Moore.
In June 2017, security experts at security firm F-Secure discovered tens of vulnerabilities in tens of thousands of Internet-connected cameras from China-based manufacturer Foscam.
The flaws could be exploited by attackers to take over the Internet-connected cameras, upload and download files from the built-in FTP server, and view video feeds.
(SecurityAffairs – hacking, IP cameras)