Ransomware viruses are complete tin. I remember how one of my friends got one of these. A porn banner hung on a good half of the monitor and did not disappear. Of course, getting rid of it then was relatively easy – just rummage through some system files and delete a couple of lines.
But years passed, and the extortionists became more serious. And now, rummaging through system files is not enough. And how to access the system files of the DSLR?
What is the essence of the story?
Check Point Research is a cybersecurity company. Her researchers found that without any problems you can access the firmware files of DSLR cameras and inject malicious code into it.
As an example, a ransomware program that blocked access to photos and videos of the owner. The program required to pay for access to files in bitcoins (is it still alive at all?).
How does it work?
We are talking about cameras that work with PTP – a protocol that transmits images over Wi-Fi. A convenient thing that allows you to forget about the cables. Until the camera starts to extort bitcoins in exchange for a photo.
The problem is that PTP does not support authentication, but it supports dozens of complex commands. And to implement the code in the firmware in this case is not difficult. Here's what it looks like:
Is it dangerous?
Rumor has it that most photographers do not use PTP. After all, it’s much simpler and faster to simply remove the card from the camera and insert it into the card reader: it is so much faster to transfer, because PTP is a very slower protocol.
But the story with the extortion of bitcoins on the “mirrors”, of course, is ridiculous. And you still complain about advertising in Xiaomi.
. (tagsToTranslate) news