Over the weekend, security researcher Mike Olsen revealed that he found malware on a camera he bought on Amazon.
In a blog post, Olsen warned users that some products sold on Amazon's marketplace may be hiding malware. Olsen said that he was searching for "a simple set of good outdoor surveillance cameras" for a friend, when he found what he thought was a good deal for 6 Sony Chip HD PoE cameras and recording equipment. The seller, Urban Security Group, had mostly good reviews, so Olsen made the purchase. When trying to set up the camera kit, Olsen said that "something seemed a bit off." He said that the camera feed was accessible, but none of the normal controls or settings were available. Olsen considered that a bad style could be hiding these controls and opened up developer tools, only to discover "an iframe linking to a very strange looking host name." He googled the name and found that the host name, Brenz.pl, is linked to malware distribution.
This is not the first time Brenz has been found spreading malware. According to cybersecurity firm Securi, it was first reported in 2009, before being shut down. However, Brenz did not stay down; the host re-emerged in 2011. VirusTotal recognizes the domain as a malicious source and scans show that Brenz.pl may be hosting Trojans and viruses. Last month, Brenz was linked to another malware-ridden firmware. In a forum post on the SC10IP firmware on the Whirlpool forum, one user reported finding malware. Amazon and Urban Security Group have yet to comment on this report.
Photo: © iStock.