An independent security researcher, Mike Olsen, discovered last week that Amazon CCTV cameras with pre-installed malware were sold to Amazon.
The discovery was made when he visited a friend of his to help him install and customize a kit with external security cameras he had just bought. His friend's overall purchase was six CCTV PoE cameras (Sony's Power Over Ethernet), a DVR, and a PoE switch. Everyone bought it from a reputable store Amazon, which had good customer reviews.
While trying to gain access to the admin panel of the cameras, Mr Olsen discovered that the settings table was empty.
His first thought was that there is one problem με τα CSS αρχεία που εμποδίζει να εμφανίζονται οι ρυθμίσεις, οπότε άνοιξε τον κώδικα της σελίδας του browser για να δει την ανάπτυξη του προγράμματος και έκπληκτος διαπίστωσε ότι υπήρχε ένα secret iframe that loaded at the bottom of the page, and retrieved content from the Brenz.pl website
Doing a quick search on Google revealed one blog post from 2011 which described how the domain Brenz.pl was used in distributions malware.
Obviously, the domain is still active and is used to host dangerous trojans that will come down to the computers of infected users.
That meant that recently purchased kit with surveillance cameras could be at any time infected with malware, if the operator Brenz.pl decided to send the malicious code to his DVR through the hidden iframe.
But if the Breza.pl domain was already in the kit firmware, then there might be other more malicious malware in its code.
So we recommend paying special attention if you want to buy this product