Optical Surgery; Implanting a DropCam

Presented at DEF CON 22 (2014), Aug. 10, 2014, 11 a.m. (60 minutes)

Video Monitoring solutions such as DropCam aim to provide remote monitoring, protection and security. But what if they could be maliciously subverted? This presentation details a reverse-engineering effort that resulted in the full compromise of a DropCam. Specifically, given physical access and some creative hardware and software hacks, any malicious software may be persistently installed upon the device. Implanting a wireless video monitoring solution presents some unique opportunities, such as intercepting the video stream, ‘hot-micing’, or even acting as persistent access/attack point within a network. This presentation will describe such an implant and well as revealing a method of infecting either Windows or OS X hosts that are used to configure a subverted DropCam.

Presenters:

• Colby Moore - Security Research Engineer, Synack
  Colby Moore is Security Research Engineer at Synack where he focuses on identifying critical vulnerabilities in various products and services. Ever since setting eyes on a computer he has had a burning desire to hack anything in sight, but prefers to focus on where hardware and software meet. He has been involved in the computer security community for as long as he can remember and has identified countless 0-day vulnerabilities in embedded systems, major social networks, and consumer devices. Some might say Colby has an unhealthy obsession for spontaneous adventure, things that go fast, and the occasional mischief.
• Patrick Wardle - Director of Research, Synack
  Patrick Wardle is Director of Research at Synack, where he leads Research and Development efforts. His current focus is on identifying emerging threats in OSX and mobile malware. In addition, Patrick is an experienced vulnerability and exploitation analyst and has found multiple exploitable 0days in major operating systems and popular client applications. In his limited spare time he writes iOS apps for fun (and hopefully one day, for profit). Patrick’s prior roles include security research work with VRL and the NSA.

Links:

• https://defcon.org/html/defcon-22/dc-22-speakers.html#Wardle
• https://infocon.org/cons/DEF CON/DEF CON 22/DEF CON 22 slides/DEF CON 22 - Hacking Conference Presentation Patrick Wardle & ColMoore - Optical Surgery - Implanting a DropCam - Slides.mp4
• https://infocon.org/cons/DEF CON/DEF CON 22/DEF CON 22 slides/DEF CON 22 - Hacking Conference Presentation Patrick Wardle & ColMoore - Optical Surgery - Implanting a DropCam - Video.mp4
• https://infocon.org/cons/DEF CON/DEF CON 22/DEF CON 22 slides/DEF CON 22 - Hacking Conference Presentation Patrick Wardle & ColMoore - Optical Surgery - Implanting a DropCam - Slides.srt (subtitles)
• https://infocon.org/cons/DEF CON/DEF CON 22/DEF CON 22 video and slides/DEF CON 22 - Patrick Wardle & Colby Moore - Optical Surgery - Implanting a DropCam - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=8PXHhGa5k8g

Similar Presentations:

• DEF CON 17 (2009) / Advancing Video Application Attacks with Video Interception, Recording, and Replay