Security researcher Mike Olsen has made the disturbing discovery on a surveillance camera purchased on the Amazon website.
The researcher said in a blog post that while searching Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment.
After receiving the devices, Olsen started setting up the surveillance system, logging and configuring it via the administration console.
To his surprise, the admin interface showed the camera feed but without any of the standard settings or controls usually available.
“Being one of those guys who assumes bad CSS, I went ahead and opened up developer tools, maybe a bad style was hiding the options I needed. Instead what I found tucked at the bottom of the body tag was an iframe linking to a very strange looking host name.” Olsen said.
After further investigation, Olsen found out that the strange host name, “brenz.pl”, is in fact linked to a host domain used for malware distribution
CyberWarZone, cyber security information monitoring website, recently explained in a post that “Brenz.pl is used by cybercriminals to infect unaware users with malware and Trojans which allow the cybercriminals to gain full control of the infected device.”
In this case, the site appears to be accessed through iframe injection, a technique that loads elements of another webpage within the one a user has deliberately accessed. While this method is widely used across the web for legitimate purposes, it also has a wide range of malicious applications.”
Last month, a similar issue was raised on an Australian discussion forum with a related camera, used in commercial products, being linked to the domain Brenz.pl
This a key reason for Olsen alerting and raising users awareness about the potential danger some equipment can embed, especially when most people do not suspect them to be dangerous.
Furthermore, Olsen believes that all equipment to be installed in a house, especially equipment that can be connected to the Internet, should be thoroughly checked before the installation. This is the only way to ensure the confidentiality and security of data and people.
The seller, Urban Security Group, when contacted, assured Slate.com that none of its products have spyware, viruses, or malware. A representative of the company said “We’ve sold about 200x cameras since the beginning of the year and none have had any issues,”