"You can buy the sweeping software, basically all brands of cameras can be cracked." "Minimum 400 yuan, permanent use." A seller is pitching.
Recently, some people uploaded surveillance videos suspected of cracking the cameras in public places, triggering discussions about the leak of camera pictures in public places and homes. Can the camera really be cracked? What's the chain behind it? The reporter's investigation found that this black industrial chain is hidden but rampant, and in the cracked camera screen, the hotel and home cameras are the "hardest hit areas".
survey
There are many "cracking groups", and the screen is being broadcast live
On January 17, netizens broke the news that some users uploaded surveillance videos suspected of cracking cameras in public places at Station B (Bilibili Barrage Network). Station B responded urgently on the same day, removed and banned relevant videos and accounts. However, at the same time, the need to crack the chain of cameras and curiosity and distortion on the network is still rampant.
Suspected school cameras flowing out of the network were cracked
"Hello, need?" On January 18, the reporter had just joined a chat group called "Camera I", and soon there was a private chat between the group administrators named "Sparta". The group was created on January 15 and has 200 group members in just 3 days. On the day of the lurking group, new netizens continued to join the group, but the group set a full silence state.
"No, I'm not online every day." Sparta said he had a variety of cracked surveillance footage "packages" on hand for sale. These packages are "all boutique, package after-sales not only sold", the price is as low as 298 yuan, the maximum price is 500 yuan.
Taking the "package A" of 298 yuan as an example, after purchase, you can get a live broadcast of 80 cameras, including 40 hotel cameras and 40 home cameras. These images have been successfully cracked. The more cost-effective is "package C" - only 500 yuan, you can get 100 hotels and 60 families of camera "live broadcast" screen, and includes a self-operating platform sweeping software.
In order to show the "strength", "Sparta" sent a real-time screenshot of a cracked camera. In the main screen, the "live broadcast" is a scene of a young man and woman resting in the hotel, and the cracked picture time is 9:53 a.m. on January 18, 2022. The text of the "real-time screen" below indicates that 337 recordings have been safely stored. "Behind these pictures, it is not excluded that it is a cracked camera. It's "We've cracked it, you can log in and watch." The seller said.
In another chat group, a netizen named "Struggle" also gave a similar price list. "Isn't it too expensive?" In the face of such doubts, "Struggle" said that "this is the market price", and said that "as long as it is a camera, it can be cracked, don't be greedy and cheap and eat big losses." ”
The reporter's investigation found that it is not uncommon to sell cracked camera pictures and sell special cracking camera software, and a mature chain has been formed. This black chain is often hidden in chat groups of some social software, and most of the group names contain keywords such as "discussion", "video", "cracking" and "hotel ID". Some camera screen cracking groups, and even directly marked "add the total group, try to see the real hotel screen".
Investigations
At the same time, 15 can be broken, and the hotel supermarket can be changed
Hidden cracking chains on the market, in addition to peddling ready-made cracking screens, you can also spend hundreds of yuan to buy special cracking software. Sellers said that cameras in public places such as hospitals, shopping malls, supermarkets and so on can be cracked. Even, buyers are free to set up cameras for the region or city they want to hack.
The suspected hospital camera flowing out of the network was cracked
"It can be cracked, not chatted." The seller "Struggle" cautiously said that the sweeping software he sold would have a "tutorial to use" after payment. The cameras that can be cracked by the software, in addition to being installed in hotels or homes, such as supermarkets, hospitals, shopping malls and other places, can be successfully cracked.
The so-called "sweeping platform software" is a software that uses program code to actively scan and test the camera after mastering the IP address of the camera on the public network. Peng Gen, a network security research expert and general manager of Beijing Hanhua Feitian Xinan Technology Co., Ltd., introduced that one reason for the cracking of camera screens in public places, hotels and homes is that the security system of the camera itself has loopholes, but it is more likely that criminals have obtained the "IP library" of the camera through third-party channels, and then "cracked the code set by the software through the 'weak password dictionary', and constantly tried to open it one by one." ”
"I've made a total of 11 orders today." Seller "Sparta" said that he has been in the cracking camera industry for 5 years. The platform sweeping software he sells is built by specialized technical personnel to write code, and the cameras of various brands on the market can be cracked. And it can crack the cameras of hotels and families, as well as the cameras of restaurants, supermarkets and other places, "buy software separately, at least 400 yuan." Each batch can crack 15 different cameras at the same time, and it is cracked by different batches of rolling rotation. ”
The reporter learned from the interview that not all the cameras installed by others can be successfully cracked by the software, and the cracked pictures are not necessarily needed by someone. In this regard, after entering the cracking system, the page will also have corresponding prompts. "Once the cracking is successful, you click on the link that prompts success and you can watch it." If you don't like it, click on another link to continue looking at other venues and other types of pictures. What's even more frightening is that buyers are also free to set up cameras that crack the surrounding area or a certain city, "It's very simple, you can set up your own 'search nearby' or other areas, and it is no problem to download the screen." Sparta said that because of the industry secrets involved, it can only reveal so much, "Hold on, pay the screenshot and give me the screenshot." ”
behind
It can be sold by "agent" and there is a risk of fraud
Cracking successful camera pictures, after flowing out, is often purchased, satisfying some people's distorted psychology. Some netizens suspect that "the probability is to pull people into that kind of paid group." The reporter's investigation found that some sellers said that if they want to sell the cracked picture for the second time, they need to greet them, establish contact, and "become an agent."
In the process of negotiating with the seller of the cracked software, the reporter raised the question of whether the cracked screen could be resold. In response, the seller said" Yes, it is equivalent to you becoming our agent." As for the price of the surveillance screen after becoming an "agent", whether to give the other party a commission, how much to commission, etc., the other party is not willing to answer.
The aforementioned seller "Sparta" said that after spending 400 yuan on the desktop software, it can be used permanently. The way to "use it permanently" is that every month or every once in a while, he will help update the data of the cracked software. He said his account could also be blocked, so he kept in touch and kept the software data in place.
"This platform sweeping software, 90% of the time it is likely to be cracked in the 'weak password dictionary' method." Peng Gen analyzed that the difficulty of developing similar sweeping software is not large, mainly to have the IP data or "weak password" required for the software. "The core is not the difficulty of software development, but the need to have a database. One way is to grasp which IP addresses are behind the camera, the software will scan and crack them one by one; the other way is password cracking, there is a database of 'weak passwords'. For example, the code tries to unlock the initial username and password of the camera. In this case, it is easy to change or write the code of the cracked software. ”
In fact, the purchase of similar cracked software or cracked camera images may not only be suspected of violating the law and invading the privacy of others, but also risk being defrauded of money. In the process of investigation, the reporter saw that in some chat groups, someone posted a screenshot saying, "XXX is a liar, everyone should pay attention not to buy his things, do not be deceived by him..."
Response
If a leak is found, the alarm can be reported, and three ways to reduce hidden dangers
What to do when you find out that you are peddling cracked software or monitoring head screens? How to minimize the risk of camera footage leakage in homes, hotels or public places?
The operator of the Beijing 110 alarm service desk said that if the parties find that the camera screen related to themselves is leaked, it is recommended to call the police at the first time. If there is a relevant clue to report, the alarm service desk will notify the police station in the jurisdiction to contact and deal with it, "the police will intervene, and if the follow-up needs to be handed over to other departments for processing, there will also be procedures for handing over, and then investigating and handling." ”
For reducing the risk of camera leakage, cybersecurity expert Peng Gen put forward three suggestions. First, when buying a camera, pay attention to choosing the mainstream, well-known big brands on the market, buy less small brands, cottage products, etc.; second, to modify the factory default password of the camera in time, and the password setting should be as complicated as possible, "it is best to contain special characters such as case, numbers, exclamation points and so on"; third, when installing the camera, do not easily expose the IP address of the device on the public network, "to be set to only in a certain place, to be truly accessible, so as not to leak out the IP address." ”
Source Beijing Daily Client | Reporter Li Songlin
Edited by Wang Qiong
Process Editor Wu Yue