Over 30 Canon DSLR, Mirrorless and compact camera models found vulnerable to ransomware

Aug 13, 2019

John Aldred

John Aldred is a photographer with over 20 years of experience in the portrait and commercial worlds. He is based in Scotland and has been an early adopter – and occasional beta tester – of almost every digital imaging technology in that time. As well as his creative visual work, John uses 3D printing, electronics and programming to create his own photography and filmmaking tools and consults for a number of brands across the industry.

Over 30 Canon DSLR, Mirrorless and compact camera models found vulnerable to ransomware

Aug 13, 2019

John Aldred

John Aldred is a photographer with over 20 years of experience in the portrait and commercial worlds. He is based in Scotland and has been an early adopter – and occasional beta tester – of almost every digital imaging technology in that time. As well as his creative visual work, John uses 3D printing, electronics and programming to create his own photography and filmmaking tools and consults for a number of brands across the industry.

Join the Discussion

Share on:

Canon has issued a global security advisory relating to Canon digital cameras which feature the Picture Transfer Protocol (PTP) communication system. It’s a pretty long list of 32 cameras, including popular DSLRs like the 5D Mark III, 5D Mark IV, 6D and 6D Mark II, as well as their full-frame mirrorless cameras, the EOS R and EOS RP.

The vulnerability was discovered by Check Point Software Technologies, Ltd. They used information from the Magic Lantern forums in order to open up the firmware and uncover the flaws.

YouTube video

Essentially, as demonstrated in the above video, the exploit would allow an attacker to break into the camera’s file system on the SD card over WiFi and encrypt the user’s files. It then displayed a message on the screen stating that the files would be unlocked after a ransom is paid. Check Point says they notified Canon of the vulnerability back in March and the two companies have been working together in order to help resolve it since then.

The advisory reads…

An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates.
(CVE-ID: CVE-2019-5994, CVE-2019-5995, CVE-2019-5998, CVE-2019-5999, CVE-2019-6000, CVE-2019-6001)

Due to these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network.

At this point, there have been no confirmed cases of these vulnerabilities being exploited to cause harm, but in order to ensure that our customers can use our products securely, we would like to inform you of the following workarounds for this issue.

  • Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
  • Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
  • Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
  • Disable the camera’s network functions when they are not being used.
  • Download the official firmware from Canon’s website when performing a camera firmware update.

Please check the Web site of the Canon sales company in your region for the latest information regarding firmware designed to address this issue.

The complete list of cameras is not mentioned on the global advisory, however, they are listed on an alert on the Canon UK website.

These vulnerabilities affect the following EOS-series digital SLR and mirrorless cameras:

EOS-1DX*1 *2 EOS 6D Mark II EOS 760D EOS M5
EOS-1DX MK II*1 *2 EOS 7D Mark II*1 EOS 77D EOS M6
EOS-1DC*1 *2 EOS 70D EOS 1300D EOS M10
EOS 5D Mark IV EOS 80D EOS 2000D EOS M100
EOS 5D Mark III*1 EOS 750D EOS 4000D EOS M50
EOS 5DS*1 EOS 800D EOS R PowerShot SX70 HS
EOS 5DS R*1 EOS 200D EOS RP PowerShot SX740 HS
EOS 6D EOS 250D EOS M3 PowerShot G5X Mark II

*1 If a WiFi adapter or a Wireless file transmitter is used, WiFi connection can be established.
*2 Ethernet connections are also affected by these vulnerabilities.

Firmware update information will be provided for each product in turn starting from products for which preparations have been completed.

So far, a firmware update for the Canon EOS 80D has been released to address the issue.

If you own one of the other affected cameras, you’ll want to keep checking back for new firmware updates.

[Check Point Software Technologies, Ltd. via The Verge]

Filed Under:

Tagged With:

Find this interesting? Share it with your friends!

John Aldred

John Aldred

John Aldred is a photographer with over 20 years of experience in the portrait and commercial worlds. He is based in Scotland and has been an early adopter – and occasional beta tester – of almost every digital imaging technology in that time. As well as his creative visual work, John uses 3D printing, electronics and programming to create his own photography and filmmaking tools and consults for a number of brands across the industry.

Join the Discussion

DIYP Comment Policy
Be nice, be on-topic, no personal information or flames.

Leave a Reply

Your email address will not be published. Required fields are marked *

4 responses to “Over 30 Canon DSLR, Mirrorless and compact camera models found vulnerable to ransomware”

  1. Alain Pereira Avatar
    Alain Pereira

    Julien Martelli

  2. Aaron March Avatar
    Aaron March

    If you’re taking sh*t photos, it won’t matter ?

  3. Mahta Tayyar Avatar
    Mahta Tayyar

    Is this something that’s very likely to happen? Is it happening internationally? Should I be worried about it if I live in an Asian country?
    Dude I finally got a canon dslr camera after working part time and managing university and this is the shit I see everywhere ughhhh

  4. Adrianna Avatar
    Adrianna

    With most tools it is pain in the bu** to transfer files over the internet quickly. I recommend a fast file transfer software called Binfer.