Originally published in 2015
In this case, it appears the camera itself was not yet infected with malware, said researcher Daniel Lance with cybersecurity company Archer Security Group, which is not affiliated with Urban Security Group.
“The iframe they used isn’t malware, but its intent is to distribute malware,” Lance said. “Malicious code in this case isn’t already on the device. It makes a call to a website and it hands off what appears to be a Trojan.”
If the camera did make the call to the website, what could happen?
“Depending on the malware loaded onto the system, an attacker could turn off the system at will and make the owner think that it was still operational,” said Patrick Coyle with Chemical Facility Security News.
“Depending on how the malware was loaded onto the system, it could be anything from relatively easy to nearly impossible to get the malware off the system,” he added. “The more experienced the attacker, the harder it will be to remove the malware.”