I was told about this a bit earlier today, but the short of it is there’s a baby monitor the connects to the internet that you can view from anywhere, change the camera angle, listen to your baby and even talk to them to calm them down when they’re sleeping. Problem is it’s now a hacked baby monitor.
Imagine you heard someone screaming at your baby in the middle of the night from one of these. That’s what happened to some people who bought a pre-made baby monitor and didn’t make it themselves.
Marc Gilbert awoke in Texas to hear someone telling his daughter to “wake up you little shit,” and the camera rotated to watch him as he rushed to unplug it while the voice on the other end was making disparaging remarks about the parents as it now watched Marc approach. According to Forbes, it was a Foscam wireless camera that contained a vulnerability that was disclosed months ago, and evidently not patched by the parents.
There are currently over 400,000 of these cameras out there, so yeah.
This is a case of parents purchasing a solution and it turning around and biting them on the ass. Now parents who purchased these cameras can play tech support and download a firmware update to address the vulnerability and then push it to the camera after reading a boatload of instructions. Or maybe it’s easy, but still, the point is it’s IT support.
This is a pretty big case of people with an interesting idea but little security knowledge selling you a product that allowed hackers into your home to watch your kids. What else you could do with a hacked baby monitor watching baby, I don’t know. My guess is that when the cameras were exploited it would be possible to get into your network as well, but who knows.
Anyway parents, if you’re not going to be a security pro and at least monitor connections into your camera, don’t get these things. This is a nightmare situation where the parents have no idea who was doing it, or how long they’d monitored the kid or what they’d seen over these cameras as they don’t appear to offer even basic monitoring, like any Android wireless camera might 😉
I’m not really sure what I’m suggesting with this article except this will happen again and again as more devices come on the net from the lowest bidder and companies keep throwing in components and code that builds on existing vulnerabilities.
Does this mean keep your kids away from tech? No, it means you should understand what you’re playing with when you connect something to the internet. There’re bad people out there, and you just painted a target on your house.
I will say, they are kind of neat if you look past the whole extreme vulnerability thing and want to give the company a second chance with their new firmware.