GoPro cameras could be hacked and used to spy on owners


Tech Talk

This is very important A security firm has warned it is too easy to take control of GoPro cameras which could then be used to spy on their owners.

Ken Munro, a partner at Pen Test Partners, also said the way the cameras were set up meant that a wireless connection can unknowingly be left on after the power button on the device had been pressed to turn it off.

He showed how he could “wake” the device, turn off its recording lights, and then video-stream what the device could see to his own mobile phone.

Mr Munro said that in order to take control, a criminal would need to intercept and crack the encrypted Wi-fi key, which is set up by the user when they connect the camera to a mobile device such as a phone.

In his demo he captured the key using a laptop and some free specialist software.

To make his point, Mr Munro then showed the BBC how his firm was able to use software freely available on the internet to guess the password a user might have set.

In this case the word “Sausages” was used as the password and the software guessed it in less than one minute.

The software tries thousands of possible passwords each second, using a dictionary of those known to be most commonly used.

Mr Munro wants GoPro to actively encourage users to set stronger passwords.

“Cybercriminals are increasingly turning to cracking passwords to gain access to accounts” he warned.

Read more at bbc