Following up on Chinese Back Door Cameras – LeFun/BEW/VimTag/Fujikam/SkyGenius

UPDATE (10/25/2016): They are now being sold under the brand name “SkyGenius”. STAY AWAY. These are the same backdoored cameras as before. Theses are the kinds of cameras that were likely used in the DDOS attacks that took place last week. Link: https://www.amazon.com/dp/B01LZRFGXN?m=A3G20NDO3H60P2&th=1

I just wanted to make a quick post that these camera companies are removing and deleting reviews on the Amazon pages that alert people to the behavior that I outlined in my previous post: Chinese IP Cameras – The next Trojan Horses? VimTag/BEW/Fujikam

ALL the reviews on the BEW version are gone and the ones I left on the VimTag ones are removed as well. In addition to that they are now being sold under the “LeFun” brand.

Beware of off brand cameras – Even from Amazon – Cameras found with embedded malware

I came across this when going through my feed today and wanted to share this with you all. I myself have purchased a few off brand cameras and have had good luck with them but now I am going to be MUCH more careful when getting them in the future, as well as taking a closer look at the ones I have in my network already. Read the below quote and links from TheHackerNews.com.
Be careful while buying any off-brand electronics from Amazon, as they could end up infecting you.
 
Recently, independent security researcher Mike Olsen discovered that the CCTV surveillance devices sold on Amazon came with pre-installed malware.
 
Olsen discovered this nasty secret after he bought a set of outdoor CCTV surveillance cameras from Amazon for one of his friends.
 
He picked Sony Chip HD 6 Camera 1080P PoE IP CCTV surveillance camera kit sold by the Urban Security Group (USG) on Amazon, as it had good reviews and was a relatively cheap set of 6 cameras with all necessary equipment included.
 
While helping his friend set up the cameras, Olsen logged into the administrator panel to configure the surveillance system and found that the page hosted “no normal controls or settings.”
 
Assuming that it might be bad programming, Olsen opened up the browser’s developer tools and was surprised to discover a hidden iFrame loaded at the bottom of the body tag, retrieving content from Brenz.pl.

Surveillance Camera Comes Pre-Installed with Malware

A quick Google search revealed that the Brenz.pl domain was used in malware distribution campaigns, according to a blog post by cyber-security vendor Sucuri in 2011.

 

In short, this means that the newly bought surveillance camera kit could be infected with malware anytime, when the Brenz.pl operator decides to push malicious code to the DVR’s backend through the hidden iFrame.

 

Once the CCTV camera’s operator accessed that page, the malware would be downloaded and installed, potentially leading to unlawful spying and data theft.

 

Since the Breza.pl domain was already on the firmware, there might be other nasty malware included in the firmware as well, that does not provide the camera’s owner to access the backend.

 

The malware distributed by the surveillance cameras can have the ability to hijack video feeds or make the customer’s cameras part of a DDoS Botnet, something that happened last year.

 

So be careful what you buy. Check reviews of every product before buying, even if the product brand and the eCommerce platform is trusted.

 

Having issues with an Invalid IMEI on the LG G5 Promotion Page? Read here!

LG G5 Promotion Site Link: http://www.lg.com/us/mobile-phones/g5/promo/carrier-selector

Many other users have posted online today since the LG G5 rebate site went live that they are getting an “IMEI number is invalid. (1)” when trying to submit their promotion info.

2016-04-01_8-50-12

I was having the same issue and then remembered that some phones used to show a MEID number that is 1 digit shorter (on the last digit) than the IMEI. I deleted the LAST number of my IMEI number from the entry and it worked! I just wanted to share this in case someone else was having the same issue. Here’s my confirmation email!

2016-04-01_8-57-22

OwnCloud vs. DropBox – Conclusion and Thoughts

At the end of January I made a post about giving OwnCloud a spin as a replacement for DropBox. I used this solution for over a month and overall I was quite happy with it, but there was one killer feature that made me go back.

What does it do well? The desktop to cloud sync works very well. It works the same way that DropBox does. It does sometimes take a while for the initial sync but after that it is on par for smaller updates with dropbox. There is the ability to have multiple users and also plugins are available to extend the features of the OwnCloud server. You can even leverage 3rd party cloud storage services (DropBox, Google Drive, Amazon S3, etc). This is a nifty feature but I did not use it.

I wanted to make this post longer but it really doesn’t need to be. The bottom line is that if you use OwnCloud mainly for desktop to desktop sync and maintaining a backup in the cloud this will work very well for you. The thing that made me go back to DropBox is that the camera upload function of their Android app was simply too fickle and unreliable to actually get the photos up to the owncloud server. In addition to being fickle it will NOT upload video files. I heavily rely on this everyday and this was the killer feature that DropBox just did well.

Again if you just need a desktop to desktop with cloud backup then OwnCloud is great. But if you rely on the camera upload feature of DropBox then you will be very disappointed as this just simply does not work well.