It’s like something out of a sci-fi horror movie. Internet connected cameras following you, all by themselves, as you move around the room. Not only following you, though, but actually speaking to you. According to RTL, though, that’s exactly what happened to Netherlands based IP camera owner, Rilana Hamer.
She’d purchased the camera from local retailer Action, to be able to keep an eye on her puppy while away from the house. Quite a logical reason to get one, especially with how little such cameras cost today. One day, though, she got the fright of her life when it actually heard it whisper the words “Bonjour Madame”.
Warning : This video does contain some profanity.
Hamer tells RTL “You connect it to your Wi-Fi and plig it into your power outlet. With a password and secure installation, I could keep an eye on my house”. It turns out, though, that the installation wasn’t all that secure, as somebody else managed to gain control of the camera to watch her.
Immediately she pulled the plug and put the camera in a box. “I was full of fear and thought I was crazy” she went on to say. She attempted to turn the camera back on a time later, and within minute she heard voices again.
When French failed to get this person anywhere with Hamer, they switched languages, offering “Hola señorita!”. Needless to say, Hamer wasn’t all that impressed.
The camera has since been returned to the store, where they say they situation is being investigated. Now it’s all a matter of figuring out how these people were finding the camera and how they got in. Was it all just down to bad default passwords that didn’t (or couldn’t) be changed? Or is there a more serious exploit in the system?
The store says that Hamer’s is the first complaint of such activity, and the camera is now almost sold out.
It’s almost like an evil practical joke. The kind of prank you’d play on a friend to intentionally freak them out. But this is no joke, and it’s not the first time we’ve heard of IoT products being exploited. Nor Internet connected cameras.
A cyber attack last October brought much of the Internet, including Twitter and PayPal, to its knees for a short time. This was the result of exploited Internet connected cameras being overtaken in a coordinated DDoS (Distributed Denial of Service) attack.
Whether this camera is one of the models used in last year’s attack is unclear. What is crystal clear, though, is that such devices really need to step up their game when it comes to security.
And if you’re looking at picking up an Internet connected device, be sure to do some Googling before you purchase. Otherwise, you don’t know what, or whom, you may be letting into your home and network.