Website reveals 73,000 unprotected security cameras with default passwords

As we’ve reported before, users and businesses leaving their router username and passwords as the manufacturer’s default are potentially leaving themselves open to an easy hack, but a new website has sprung up illustrating the point in alarming detail.

Insecam purports to show 73,000 security cameras from around the world, where users can drop in and stream their content, Mashable reports. It’s security cameras only – USB connected webcams or laptops have been discounted, and as the site itself points out: “These cameras are not hacked. Owners of these cameras use default password by unknown reason.”

PC World reports that Insecam gives a startling amount of information about each stream, including the camera’s location, model and login credentials – “usually some variation on ‘admin'”.

CNET claims that the website shows “over 11,000 cameras in the US, nearly 2,500 in the UK, six in Tanzania and others everywhere in between.”

Why is the site broadcasting this footage? The website claims it “has been designed in order to show the importance of the security settings,” but as CNET points out “there’s no indication that they’ve actually told any of these people that they’re doing this.”

Mashable writes that when one of its reporters was browsing the site, it found many of the cameras offline, so it’s possible that the website’s claimed intentions have had some impact. Worryingly though, it also discovered a handful of surveillance cameras that could not only be watched, but also controlled via the website.

If you find your security cameras on the website, and want to remove it quickly, Insecure’s FAQ explains that the job is as easy as logging in as an administrator and changing the login credentials.


Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.