Well … they didn’t sell it to me per say, and no one got a shirt, but Amazon has been unknowlingly selling security recording equipment with embedded malware. This discovery was made by Mike Olsen, labeled as an “artful hacker” by PC Magazine, former lead research software engineer at Arizona State University, oh and a rocket scientist.
Olsen took to trust Amazon, when he needed to order outdoor surveillance cameras for his friend’s home. He came across a deal for a set of PoE cameras, and all the necessary recording equipment. But when he logged on to the admin webpage to configure the system, he noticed that something was off. Being an IT guru (and rocket scientist), he opened up the developer tools with the assumption that a bad CSS style was hiding the proper options that he needed. What he found instead was a very strange looking host.
[i] Images retrieved from Artful Hacker
According to cyber security company Sucuri, Brenz uses “compromised domains to link to the address through malicious iFrames, for the purpose of distributing malware hosted on the website.” If a device – such as security recording equipment with networking capabilities – links to this Brenz domain, malware can be downloaded and installed, which likely would lead to data theft, and in this case unauthorized surveillance.
[ii] Image retrieved from Artful Hacker
The reality of today, is that any device that contains internet capabilities or networking, can potentially contain security threats to your device, your data, and your identity. Even if you fully trust the platform you are using, we recommend going online and researching products reviews for not only satisfaction, but for any alerts. As Olsen bluntly states, “Amazon stuff can contain malware.”
Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.
[i&ii] To see more details surrounding this security recording equipment read here: