More than 120 thousand. Connected to the Internet cameras are vulnerable to hacking, warned Bitdefender specialist Alex Balan (Alex Balan). According to the researcher, two camera models of the Chinese manufacturer Shenzhen Neo Electronic (NIP-22 and iDoorbell) contain vulnerabilities that allow remote access to the video stream or gain full control over the devices, which will provide an opportunity to create an Iot botnet that includes about 150 thousand. Gadgets.

Balan tried to inform the camera manufacturer about the vulnerabilities, but never received a response from the company. Currently, problems remain uncorrected, and it is possible that they will never be eliminated, the researcher noted..

The first vulnerability lies in the fact that the factory login and password in the NIP-22 and iDoorbell models can be easily guessed and with their help remote access to the camera. According to the search system Shodan, currently on the Internet available about 130 thousand. Vulnerable cameras that can be hacked using user / user combinations, guest / guest.

The second problem is the buffer overflow vulnerability, which allows you to remotely gain control of the device and turn it into a "zombie".

According to the expert, cameras from other manufacturers can also contain similar vulnerabilities, since they use the same firmware. Balan did not disclose information about which trademarks in question.