Security researchers at Check Point Software Technologies have discovered a security vulnerability in Canon digital cameras. In a report issued Monday, researcher Eyal Itkin demonstrated how he was able to install malware on a Canon EOS 80D camera connected to Wi-Fi.
Itkin and his team chose to use a Canon camera for the simulation in part because Canon is the largest DSLR maker, controlling more than 50 percent of the market. The company’s EOS 80D device was also chosen because it supports both USB and Wi-Fi.
The researchers used the standardized Picture Transfer Protocol to plant malware that targets personal photos, locking users out of their photos unless they paid a ransom.
“Our research shows how an attacker in close proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware,” Check Point wrote. “Imagine how would you respond if attackers inject ransomware into both your computer and the camera, causing them to hold all of your pictures hostage unless you pay ransom.”
Bad actors could theoretically “place a rogue WiFi access point at a tourist attraction to infect your camera,” the report noted.
A patch has been in the works since March, when the team initially disclosed the security flaw to Canon. Last week, Canon issued an advisory encouraging consumers to avoid using unsecured Wi-Fi networks, turn off the camera’s network functions when it isn’t in use, and install a new security patch.
Canon noted that as of this week, “there have been no confirmed cases of these vulnerabilities being exploited to cause harm.” Itkin told The Verge that other devices could be vulnerable as well, due to the complexity of the Picture Transfer Protocol.