Surveillance Cameras Sold On Amazon Found Infected With Malware

An anonymous reader shares a report on ZDNet: Security researcher Mike Olsen has warned that some products sold through the Amazon marketplace are harboring a dark secret -- malware. Olsen said in a blog post that while scouring Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment. The seller, Urban Security Group, had generally good reviews and was offering a particular Sony setup on sale. After purchasing the kit, Olsen started setting up the surveillance system, logging into the administrator panel to configure it. [...] Upon investigation, Olsen found that the device was talking to a server with hostname Brenz.pl, which is linked to malware distribution. If the device's firmware links to this domain, malware can be downloaded and installed, potentially leading to unlawful surveillance and data theft.Perhaps the company which made the device didn't realize its source code was compromised. While the aforementioned incident should serve as a reminder to people on why they need to be wary of the product they are purchasing, this isolated occurrence doesn't prove in any way that "plenty" of cameras on Amazon are also infected, as the article and the original blog post are subtly trying to imply.

What?

[Chmarr]

An editorial comment that actually LESSENS the alarmism in the submission, rather than adding to it?

This is... nearly unheard of on slashdot! What is happening???

Re:made in china

[U2xhc2hkb3QgU3Vja3M]

If the CPU, flash/etc ICs are made in China then you can't trust made-in-not-China devices either.

Network separation?

[Nethead]

Why would you actually hook these up to a network that has Internet access? Of course you make a separate VLAN or network for your "security" devices and other monitoring, ^H^H^H^H^H IoT devices that can only talk to preapproved connections. That is what a firewall is for.