Culture

Hackers leaked tons of webcam and home security footage on porn sites

50K

The number of cameras reportedly hacked by one group.

The New Paper

Shutterstock

A hacking group that has yet to identify itself found and stole more than 3 TB of private video from around the world — mainly collected from Singapore — and shared it on porn sites, according to reports from local media like The New Paper. While some of the footage was indeed pornographic in nature, other videos are more mundane.

More than 50,000 private IP-based cameras were accessed by hackers to amass the collection. Some were explicitly tagged with locations in Singapore, The New Paper reports, while others revealed their location as Singapore based on context clues such as book titles and home layout. Many show people (sometimes with their faces censored) in “various stages of undress or compromising positions.”

The popularity of internet-connected home security cameras and other web-based camera systems has skyrocketed in the recent past, despite growing concerns about whether or not those systems might be more dangerous than they are helpful. These hackers have given us some pretty compelling evidence that the latter is the case.

Poor password management — There are many, many ways someone with malicious intent could use security cameras against their owners. Traffic-detection software, for example, can reveal a person’s movements around the house, even without gaining direct access to a video feed.

In this case, though, it’s looking like poor security is the culprit. Clement Lee, a solutions architect for multinational software company Check Point Software Technologies, told The New Paper that the hacking of IP cameras is often due to “poor password management.” IP cameras make it easy to access your video feeds from anywhere — which means it’s also easy for hackers to access them from anywhere, once they’ve figured out your password.

Powered by Discord — Any sort of hacking is an explicit invasion of privacy; a group of people putting their hacking skills together is obviously much worse. In this case, it appears the hacking group operated through a private Discord channel.

The group charges $150 for “lifetime access” to the store of footage. About 70 members have paid for this access; almost a thousand total have joined without paying. Apparently, new members can request a 700MB “sample” pack with over 4,000 videos and pictures from hacked footage.

Privacy? What’s that mean? — The equation seems simple: add a security camera and receive peace-of-mind that your house is being monitored all day every day. Unfortunately for consumers, though, not every internet camera is as secure as they might hope.

Case in point: Amazon-owned Ring, which faced a slew of security scandals in the last year or so. Hackers have harassed people using Ring cameras; users’ passwords have leaked on the dark web; and the system’s Android app was found to have been letting Facebook and other third parties track users.

The unfortunate fact of the matter is that internet-connected devices are inherently susceptible to hacking. Add lax encryption and lazy users to the mix and you have a recipe for disaster. As always, it’s best to keep your passwords complex and secure — and to read up on your “security” system before purchasing it.