Emma Woollacott reports:
Images of children in their bedrooms have been freely available on the web, following a security breach by webcam company Trendnet.
The breach affects thousands of feeds, and was caused by an error in code introduced nearly two years ago.
“It is Trendnet’s understanding that video from select Trendnet IP cameras may be accessed online in real time,” says the company.
The flaw was first discovered by the Consolecowboys hacking blog, which details how the cameras’ video streams are accessible to anyone with the correct net address – and how the Shodan search engine can be used to discover vulnerable cameras.
Read more on TG Daily. It seems the blog post identifying the problem was originally posted on January 10 and TRENDnet has taken some steps since them to resolve the problem (see the comments under the post). Yesterday, the firm posted a notice on their site:
TRENDnet has recently gained awareness of an IP camera vulnerability common to many TRENDnet SecurView cameras. It is TRENDnet’s understanding that video from select TRENDnet IP cameras may be accessed online in real time. Upon awareness of the issue, TRENDnet initiated immediate actions to correct and publish updated firmware which resolves the vulnerability.
Read more of their statement on their site.
TRENDnet has posted the resolution to the security breach on their IP cameras. You can check information on affected TRENDnet IP cameras at: http://www.trendnet.com/press/view.asp?id=1958. You can download critical firmware along with detailed update instructions for the affected TRENDnet IP cameras at http://www.trendnet.com/downloads/ .