(Photo by Joan Cros/NurPhoto via Getty Images)
Are your internet-connected cameras secure? In South Korea, four people allegedly hacked 120,000 IP cameras, largely to help them produce sexual content.
The cameras were installed in homes and businesses, including karaoke rooms, a Pilates studio, and a gynecologist's clinic. All of them used weak passwords and user IDs, the BBC reports.
The Korean National Police Agency found that the four suspects, who have been arrested, acted independently, but they all hijacked access to the cameras. The first suspect hacked 63,000 cameras and edited the stolen footage into 545 videos, which were then sold to an overseas site, dubbed A-site by investigators, that hosts illegal private recordings.
The second suspect hacked 70,000 cameras and used the footage to create 648 edited files, which were also sold to A-site. In return, the suspects allegedly received about $24,000 and $12,000 in virtual assets, respectively.
The videos accounted for about 62% of all videos uploaded to A-site in the past year. "Police are investigating the operator of A-site, which posts illegal recordings targeting victims across multiple countries, in cooperation with foreign law-enforcement agencies,” the Korean National Police Agency says.
The third suspect hacked 15,000 cameras to produce "child/adolescent sexual-exploitation content." The fourth suspect, who has not been detained, accessed 136 cameras. Neither distributed the stolen footage.
Local police have contacted 58 locations with insecure cameras to notify them of the surveillance and assist them in securing the devices. The crackdown comes after South Korea passed a law criminalizing the creation and viewing of sexual deepfakes.