CATEGORIES
home News

Sony’s Professional Grade IPELA Cameras Vulnerable To Mirai Botnet Recruitment Via Backdoor Exploit

by Brandon HillWednesday, December 07, 2016, 04:30 PM EDT
Over the past few months, we’ve witnessed the Mirai botnet wreak havoc with IoT devices like consumer webcams, DVRs and security cameras. These often budget-minded devices were often equipped with insecure software or employed security countermeasures that were easily overpowered.

However, we’re learning today that it isn’t just cheap consumer devices that are susceptible to attacks — even high-end equipment can be compromised if a hacker has enough motivation to dig for exploits. Such is the case with Sony’s professional grade IPELA Engine IP cameras. According to SEC Consult, a backdoor was found on these cameras that would allow a would-be attacker to inject code and further penetrate a network.

sony ipela

Considering that these cameras are used by businesses and government institutions, such a vulnerability is rather severe and should not be taken lightly. “An attacker can use cameras to take a foothold in a network and launch further attacks, disrupt camera functionality, send manipulated images/video, add cameras into a Mirai-like botnet or to just simply spy on you,” writes SEC Consult.

As of this writing, 80 different Sony cameras are vulnerable to this backdoor. Access to the cameras is made possible by two separate login accounts that are not listed in documentation for the IPELA cameras: primana and debug. Using the username/password combination of primana/primana or debug/popeyeConnection grants access to the cameras. The backdoor allows hackers login via Telnet/SSH and gain full access to the Linux shell with root privileges.

It’s only a matter of time before these username/password combinations make their way into Mirai’s master list, turning these high-end cameras into mindless zombies.

“We believe that this backdoor was introduced by Sony developers on purpose (maybe as a way to debug the device during development or factory functional testing) and not an "unauthorized third party" like in other cases (e.g. the Juniper ScreenOS Backdoor, CVE-2015-7755),” SEC Consult continues.

SEC Consult first contacted Sony about the backdoor in October, and Sony released updated firmware for affected cameras on November 28th (which can be downloaded here). The question now is how many of the corporations and governments that operate these cameras know that they are vulnerable and that there is firmware to mitigate the security risk?

Tags:  Sony, botnet, backdoor, IoT, ipela
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment