A spate of exploits carried out against the Samsung SmartCam has raised concerns about the security of the smart cameras and of the Internet of Things in general, experts have said.
Over the past few weeks, hackers have demonstrated how it is possible to gain unauthorised access to the smart cameras and remotely command the device to perform specific functions as if the hacker were an administrator.
According to a hacking group called Exploitee.rs, which is primarily responsible for carrying out the exploits against the Samsung SmartCam, it is possible for hackers to access the web server that is running the smart camera by designing a new type of file and carefully injecting it into the system.
‘By crafting a particular file name, storing it into the tar command system and then passing it to a PHP system call, we can successfully gain root command control of the device,’ the researchers of Exploitee.rs wrote about their exploits.
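The weakness class described in that quote, a file name reaching a shell command line through a PHP system call, is shown below next to two hardened forms. This is an added illustration, not code from Exploitee.rs or from the camera firmware; the function names, the `/tmp/upload` and `/tmp/unpack` paths and the sample file names are all constructed.

```php
<?php
// Added illustration; function names, paths and sample names are constructed.

// Weak pattern: the file name is concatenated into a shell command line, so
// any shell metacharacter in it is interpreted by /bin/sh, not by tar.
function unsafe_command(string $name): string {
    return "tar -xzf /tmp/upload/" . $name;   // string that would go to system()
}

// Hardened pattern: allow-list the name, then build an argument vector.
// proc_open() given an array (PHP 7.4+) starts tar directly, with no shell.
function safe_argv(string $name): ?array {
    // First character must be alphanumeric, which also blocks names that
    // tar could mistake for an option (leading "-").
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,63}\z/', $name)) {
        return null;                           // reject anything unexpected
    }
    return ['tar', '-xzf', '/tmp/upload/' . $name, '-C', '/tmp/unpack'];
}

// Fallback for older PHP without array commands: quote the whole path so the
// shell sees exactly one literal word.
function quoted_command(string $name): string {
    return 'tar -xzf ' . escapeshellarg('/tmp/upload/' . $name);
}

// Constructed sample names: one ordinary, three that must never reach a shell.
$samples = ['firmware-1.2.tgz', 'fw.tgz;echo constructed', 'fw$(echo x).tgz', '-rf.tgz'];
foreach ($samples as $name) {
    $argv = safe_argv($name);
    printf("%-26s %s\n", $name,
        $argv === null ? 'REJECTED' : 'ok: ' . implode(' ', $argv));
}
```

Only the first sample passes the allow-list; the other three are rejected before any command is built.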
Samsung SmartCams have been experiencing a wave of successful hacking attacks since they were introduced to the market, putting millions of people who use them at risk. In the first wave of attacks, cyber criminals managed to access the administrator settings of the device remotely and surreptitiously change the passwords and other administrator-related details.
In the wake of this attack, Samsung was quick to point out that it was not solely responsible for the security of the devices, given that it had sold the division that was responsible for the design and development of the devices to another company.
Samsung had sold its smart camera-making division, Samsung Techwin, to Hanwha Group, another leading South Korean conglomerate.
After the first wave of attacks, it appeared that special measures were immediately taken to prevent similar attacks from occurring in the future. One of the significant changes implemented was the removal of the web interface that allowed users to connect the device to the company's SmartCloud website.
However, as the researchers at Exploitee.rs report, removing the interface was not an effective measure, because hackers can still access the server, which is still running on the cameras. The researchers further point out that, because the company only deactivated the web interface and failed to remove the server, hackers can gain root access to the server and remotely compromise the functioning of the camera.
It remains to be seen how this new vulnerability will be handled, given that it has raised a lot of concern about the safety of the Internet of Things in general.