The Moscow Department of Information Technology has just reported that, during regular monitoring on dark web, multiple hacking forums were detected where access to multiple surveillance systems in the city is put up for sale. These systems transmit real-time information of great interest to threat actors, mention experts from a cyber security consulting company.
A representative of the Unified Data Processing and Storage Center (ECSD) notes that, in response to this malicious campaign, the authorities are restricting the number of public employees with access to surveillance systems as a way to prevent access credentials to these systems from ending up exposed in hacking forums.
A few days ago, a so-called hacker identified as Zpoint posted an advertisement about access to surveillance systems in Moscow’s homes, parks, clinics and schools, some of which can even be controlled remotely. The seller offers to provide access to cameras in real time and through any device, mention the experts of a cyber security consulting company. In addition, the seller provides a log of the activity of the last five days recorded by these cameras.
An anonymous informant confirmed the authenticity of the data published by the hacker. On the other hand, Kaspersky Lab’s cybersecurity expert, Dmitry Galov, mentioned that ads regularly appear on specialized forums to provide access to video surveillance cameras in cities around the world, which are offered in exchange for considerable sums: “Threat actors feel a special interest in such systems and are trying to gain access to cameras in public spaces and in home environments”, explains the researcher. Hackers get these accesses by exploiting unexploded vulnerabilities in these systems, abusing incorrect settings, or simply deploying brute force attacks, the cyber security consulting company’s experts assure.
In his announcement, the hacker assures that access to such resources can only be obtained by police representatives, judicial authorities and lawyers from their workplaces, for which they must connect to the ECSD through a written request previously submitted. The amount of money required by the cybercriminal is unknown.
For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.