The seller of the this CCTV camera, Urban Security Group had good user reviews and was offering Sony Setup, but now it is not available due to the backlash from the users. When Olsen received the surveillance kit, he started configuring it by logging into the administrator panel. Ohio said that while the page displayed the camera feed, no “normal controls or settings were available,”. He further said “Being one of those guys who assumes bad CSS, I went ahead and opened up developer tools,”. “Maybe a bad style was hiding the options I needed. Instead what I found tucked at the bottom of the body tag was an iframe linking to a very strange looking host name.” The investigation disclosed the host name as Brenz.pl which is related to malware distribution. The Brenz.pl was first discovered spreading malware in 2009 before being closed down, however it again emerged in 2011. “Compromised domains link to the address through malicious iFrames for the purpose of distributing malware hosted on the website” states ZDNet. If the devices firmware links to this domain, there is possibility of malware of getting downloaded and installed which can result in illegal surveillance and data theft. The malware which is being circulated by surveillance camera have the ability to confiscate video feeds. However it is not known that how the surveillance kits became infected, Olsen said that the device wasn’t delivered directly from China where the products are manufactured.
Δ