Beware of off brand cameras – Even from Amazon – Cameras found with embedded malware

I came across this when going through my feed today and wanted to share this with you all. I myself have purchased a few off brand cameras and have had good luck with them but now I am going to be MUCH more careful when getting them in the future, as well as taking a closer look at the ones I have in my network already. Read the below quote and links from TheHackerNews.com.
Be careful while buying any off-brand electronics from Amazon, as they could end up infecting you.
 
Recently, independent security researcher Mike Olsen discovered that the CCTV surveillance devices sold on Amazon came with pre-installed malware.
 
Olsen discovered this nasty secret after he bought a set of outdoor CCTV surveillance cameras from Amazon for one of his friends.
 
He picked Sony Chip HD 6 Camera 1080P PoE IP CCTV surveillance camera kit sold by the Urban Security Group (USG) on Amazon, as it had good reviews and was a relatively cheap set of 6 cameras with all necessary equipment included.
 
While helping his friend set up the cameras, Olsen logged into the administrator panel to configure the surveillance system and found that the page hosted “no normal controls or settings.”
 
Assuming that it might be bad programming, Olsen opened up the browser’s developer tools and was surprised to discover a hidden iFrame loaded at the bottom of the body tag, retrieving content from Brenz.pl.

Surveillance Camera Comes Pre-Installed with Malware

A quick Google search revealed that the Brenz.pl domain was used in malware distribution campaigns, according to a blog post by cyber-security vendor Sucuri in 2011.

 

In short, this means that the newly bought surveillance camera kit could be infected with malware anytime, when the Brenz.pl operator decides to push malicious code to the DVR’s backend through the hidden iFrame.

 

Once the CCTV camera’s operator accessed that page, the malware would be downloaded and installed, potentially leading to unlawful spying and data theft.

 

Since the Breza.pl domain was already on the firmware, there might be other nasty malware included in the firmware as well, that does not provide the camera’s owner to access the backend.

 

The malware distributed by the surveillance cameras can have the ability to hijack video feeds or make the customer’s cameras part of a DDoS Botnet, something that happened last year.

 

So be careful what you buy. Check reviews of every product before buying, even if the product brand and the eCommerce platform is trusted.

 

[TTT] ‘PoE’ AP on the Cheap – TP-LINK TL-WR841HP + 12V PoE Adapter

Welcome to another Tim’s Tech Tips. Today we are going over a little $60 combo that will give you a 2.4ghz 802.11N access point with plenty of coverage without breaking the bank. You’re going to see that I have a lot of solutions where I combine multiple pieces of hardware and/or software to accomplish a goal.

In the review I posted before this (FitBit Aria Scale) I talked about setting up a separate wireless network for the FitBit Aria scale. I did not want to spend a ton of money on this setup as I had already spent $200 on my main Access Point (NetGear R7000) and another $130 on the scale itself. I decided to go this route as I had a spare network drop to my main PoE switch and wanted something that was self-powered from the main switch. Enter the TP-LINK WR841HP with a handy 12V PoE adapter.

I picked up the TP-LINK TL-WR841HR for $25 from Amazon via a warehouse deal and the PoE adapter for under $11 shipped. I updated the firmware on the router with the latest one from TP-LINK’s website and set it up as a separate network from my main one at home.

The router is placed in my bedroom on a dresser and has no obstructions. I am able to get a stable and quick (10-20mbps) around my entire 1500+ Square foot condo with it and it does well to fight off the other 2.4ghz networks here. I think it may actually have better 2.4ghz range (but not throughput) than my NetGear R7000 but given their placement and purpose are different I cannot give an accurate assessment.

Performance & Features

Once I got the network all setup I connected a few devices and started running WAN and LAN throughput tests. I had a multitude of devices that I tested with so you can get a feel for the speed of this device. Do note that the 2.4ghz band is pretty congested in my building and you may see better throughput if you are in a single family home where there is less interference. All the tests were done about 50 feet from the router with 1 wall in between the router and the devices. I have a 150+ MBPS WAN connection so the LAN and WAN throughput tests were identical. The upload from WLAN to LAN were all within 1-5 mbps of the download averages.

All in all the speeds were what I expected from this router. The limiting factor here is that all the ports are 10/100 so even though the radio supports up to 300mbps you will never see past 100mbps when pulling data from a wired network port.

This router is pretty standard aside from its higher output wireless signal. You have port forwarding, basic firewall options, uPnP, DNS forwarder, and DHCP server. This is a baseline router so keep that in mind.

Closing Thoughts & Links

For the application, I was needing this worked out very well. I used a cheap/off brand PoE to 12V power adapter from Amazon to get power to this router so that I wouldn’t have to worry about placing a power strip or UPS by it to protect it. This adapter will work with most 12V network devices under 2A of load if you want to power them over PoE. I am using a small 8 port Engenius PoE Gigabit switch and it powered it all up with no problem.

If you want to use this to extend your network and not make use of the router features just leave the WAN port set to dynamic, disable DHCP, and set the LAN IP address to an open address on your network. Once that is setup connect the router to your network via one of the 4 LAN ports, do NOT use the WAN port in this kind of setup.

I could see this being a nice solution to extend a network over PoE for a low cost if high speeds are not needed. The range on this router is fantastic for the price and I think you would be hard-pressed to find a better deal in the sub $40 range. The only thing that would make this router better is if there was Tomato or DD-WRT support for it. If you have any questions or comments please use the Contact Me link at the top of the page, comments are closed on this site.

Purchase Links (NOT affiliate links):

12V PoE Adapter: Amazon.com

TP-LINK TL-WR841HP Router: Amazon.com

Actual Pictures:

This slideshow requires JavaScript.

Specifications From TP-LINK’s Website

HARDWARE FEATURES
Interface 4 10/100Mbps LAN Ports
1 10/100Mbps WAN Port
Button WPS/Reset Button
Antenna 2*9dBi Detachable Omni Directional Antenna (RP-SMA)
External Power Supply 12VDC / 1A
Wireless Standards IEEE 802.11n, IEEE 802.11g, IEEE 802.11b
Dimensions ( W x D x H ) 6.6in.x5.1in.x1.2in.(168.5mmx130mmx31.5mm)
WIRELESS FEATURES
Frequency 2.4-2.4835GHz
Signal Rate 11n: Up to 300Mbps(dynamic)
11g: Up to 54Mbps(dynamic)
11b: Up to 11Mbps(dynamic)
Reception Sensitivity 270M: [email protected]% PER
130M: [email protected]% PER
108M: [email protected]% PER
54M: [email protected]% PER
11M: [email protected]% PER
6M: [email protected]% PER
1M: [email protected]% PER
Transmit Power CE:
<20dBm(2.4GHz)
FCC:
<30dBm
Wireless Functions Enable/Disable Wireless Radio, WDS Bridge, WMM, Wireless Statistics
Wireless 64/128/152-bit WEP / WPA / WPA2,WPA-PSK / WPA2-PSK
SOFTWARE FEATURES
Quality of Service WMM, Bandwidth Control
WAN Type Dynamic IP/Static IP/PPPoE/
PPTP/L2TP/BigPond
Management Access Control
Local Management
Remote Management
DHCP Server, Client, DHCP Client List,
Address Reservation
Port Forwarding Virtual Server,Port Triggering, UPnP, DMZ
Dynamic DNS DynDns, Comexe, NO-IP
VPN Pass-Through PPTP, L2TP, IPSec (ESP Head)
Access Control Parental Control, Local Management Control, Host List, Access Schedule, Rule Management
Firewall Security DoS, SPI Firewall
IP Address Filter/MAC Address Filter/Domain Filter
IP and MAC Address Binding
OTHERS
Certification CE, FCC, RoHS
Package Contents 300Mbps Wireless N High Power Router
Power supply unit
Resource CD
Ethernet Cable
Quick Installation Guide
System Requirements Microsoft® Windows® 98SE, NT, 2000, XP, Vista™ or Windows 7, Windows8/ 8.1/10
MAC® OS, NetWare®, UNIX® or Linux
Environment Operating Temperature: 0℃~40℃ (32℉~104℉)
Storage Temperature: -40℃~70℃ (-40℉~158℉)
Operating Humidity: 10%~90% non-condensing
Storage Humidity: 5%~90% non-condensing

TP-LINK TL-POE10R Gigabit PoE Splitter – Review

Quick and Dirty Review of the TP-LINK TL-POE10R Gigabit PoE Splitter

Some of my readers may not know what this is but I am going to start covering more networking devices and other items that can help clean up and automate your home networks. Let me explain what my need for the TP-LINK PoE splitter was and help you understand.

In my condo I have a main gigabit drop going out to my living room that also shares a wall with my 2nd bedroom. When my little brother moved in he needed a gigabit drop and I didn’t have any more room to pull another cable in the pipe that was going over there. So rather than have to pull another cable another way (which would have been a HUGE hassle) I decided to stick a small 5 port gigabit NetGear (metal case) switch in the wall.

PoE Splitter Diagram

Now the only issue then was getting power to the switch. Enter the TP-LINK PoE splitter. On the back of my little switch is a 12V power input. What the TP-LINK PoE splitter does is it takes the PoE power signal and outputs it to a DC jack in 5V, 9V, or 12V increments. This paired with a small standalone PoE injector in my main network area I was able to power the 5 port NetGear switch over the network cable. This also gave me the added benefit that where the PoE injector was installed at also had a UPS attached so when the power goes out the switch will stay on.

Conclusion

All in all I am very happy with this little product. I picked it up for a measly $15 shipped from Amazon. I would recommend this to anyone who needs a small solution like this. This will also work with most routers and access points that take the small round bullet style power plug. I know this works with my Cisco M20 router and numerous other 12V network devices (access points, switches, routers, etc) that have the same connector. MOST small office/home office network devices use the 12V round connector. Check yours before you buy this. You will only get the standard sized cord when you buy this. You could always go to radio shack with the cord and the device you want to power and see if they have an adapter tip that would allow you to use it with a different end.

If you want to pick one of these up hit the link below. Thanks for reading!

TP-LINK TL-POE10R Gigabit PoE Splitter Adapter, IEEE 802.3af compliant, Up to 100 meters (328 Feet), 5V/12V Power Output