Endpoint //

Privacy

5/9/2018
05:00 PM
50%
50%

Script Kiddies, Criminals Hacking Video Streams for Fun & Profit

Video streams are getting hijacked for 'prestige,' DDoS, and financial gain, a new report found.

Video streams are being hijacked in vast quantities and the biggest reason for the intrusion is … fun. The good news for businesses is that their cameras tend not to be the primary targets. They are, instead, "warm up" targets used by hackers getting ready for the real thing — cameras from adult content websites, according to a new report.

Trend Micro's Forward-Looking Threat Research (FTR) Team says that most camera hacking is being done by "script kiddies" who are in it for fun and peer-group prestige. According to the report, "Information on exposed cameras or cameras with known passwords is widely shared on the 'Fun' sections of underground forums or in dedicated prank groups in certain social networks."

Serious criminals also use the activities of the script kiddies to mask their own attacks, "exposing the video streams of cameras or even exploiting these IoT devices for malicious activities such as distributed denial-of-service (DDoS) attacks, covert cryptocurrency mining, and even financial crimes."

For more, read here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Free Tool Scans for Chrome Extension Safety
Dark Reading Staff 2/21/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-9037
PUBLISHED: 2019-02-23
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a buffer over-read in the function Mat_VarPrint() in mat.c.
CVE-2019-9038
PUBLISHED: 2019-02-23
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c.
CVE-2019-9026
PUBLISHED: 2019-02-23
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c.
CVE-2019-9027
PUBLISHED: 2019-02-23
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c.
CVE-2019-9028
PUBLISHED: 2019-02-23
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c.