We (Synack researchers Colby Moore and Patrick Wardle) recently presented our research, , ‘Optical Surgery; Implanting a Dropcam,’ at DefCon 22. We tore apart a Dropcam and showed how a malicious adversary could persistency install a software implant. Though other presentations often leave the design of such an implant as an ‘exercise to the audience (or reader),’ we decided to buck the norm and presented Cuckoo’s Egg; a Dropcam implant. (Note: while other security researchers have blogged about Dropcam, Synack’s work was preformed prior to, and independently of this).
Dropcam is a “cloud-based Wi-Fi video monitoring service with free live streaming, two-way talk and remote viewing that makes it easy to stay connected with places, people and pets, no matter where you are.” (dropcam.com). Dropcam is known for its easy of use, simplicity, and elegant design. Recently acquired by Nest (owned by Google), Dropcam is poised to become the core of Google’s push into the connected home market. Besides its popularity, the Dropcam’s Linux subsystem and numerous capabilities (Bluetooth, WiFi, Audio and Video, and USB) make it an incredibly juicy target.
(figure 6) cuckoo’s egg implant tasking/connections
fedumpsnet jstash-bazarcm