GoPro cameras vulnerable to password cracking attacks
Ken Munro, a partner at Pen Test Partners has recently discovered a flaw in the most recent GoPro cameras. This flaw would allow for attackers to not only record via the camera but to also wake the device and mitigate any recording lights.
This attack was achieved by cracking the encrypted Wi-Fi key that was being used by the GoPro and its connected devices.
Ken Munro went on to discuss that:
“Cybercriminals are increasingly turning to cracking passwords to gain access to accounts.”
GoPro have responded to the report by saying:
“We follow the industry-standard security protocol called WPA2-PSK (pre-shared key) mode… Wi-fi-enabled devices must provide the user’s password to access the Hero4 wi-fi network. This is the same as other wi-fi networks using that protocol.”
“We require our customers to create a password 8-16 characters in length; it’s their choice to decide how complex they want it to be… As is true of all password-protected devices and services, if a password is easily guessable, a user is more prone to someone predicting what it is.”
Original news source: BBC.co.uk
Image source: GoPro