Researcher Finds Unremovable Backdoor Accounts in FLIR Thermal Security Cameras

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Gjoko Krstic, a security researcher with Zero Science Labs, has discovered secret hard-coded accounts in thermal security cameras manufactured by FLIR Systems, Inc., one of the largest vendor of such products.

According to Krstic, the backdoor accounts "are never exposed to the end-user and cannot be changed through any normal operation of the camera."


There are several ways that FLIR customers can protect themselves. The easiest one is to prevent access to these cameras from the Internet by placing the devices behind a firewall until the vendor issues a patch.

FLIR is a well-known brand for security cameras. Its thermal cameras are nothing more than regular IP-based security cameras with the extra feature of being able to function in thermal mode during night time.

FLIR's thermal camera imaging capabilities have been recently used to film the "Walk On Water" music video by famous rock band 30 Seconds to Mars.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top