Hackers gained access to surveillance cameras in Tesla, Cloudflare and banks

Hackers gained access to cameras

Bloomberg reports that some hackers have gained access to surveillance cameras installed in Tesla, Equinox, medical clinics, prisons and banks.

In addition to the images from the cameras, the hackers published screenshots proving that they had direct access to the surveillance systems installed at the headquarters of Cloudflare and Telsa. The group’s operation took place under the hashtag #OperationPanopticon.

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.Bloomberg journalists write.

Bleeping Computer contacted the group’s reverse engineer, Tilly Kottmann, and she said that access was obtained through the compromise of the super-administrator account of Verkada, which deals with corporate security systems, including video surveillance, and works with all victims. Supposedly, this logged data was hardcoded and found in an open DevOps infrastructure.

On her Twitter account, Kottmann posted several images from security cameras at Equinox, Tesla and Bank of Utah.

Hackers gained access to cameras
Tesla warehouse

She also released screenshots of root access to a certain system. Since the image shows the MAC address of one of the network cards, the journalists were able to make sure that it matched the Verkada equipment.

Hackers gained access to cameras

Shortly after the Bloomberg publication, the group lost access to the super administrator’s account as Verkada engineers learned of the hack.

We have disabled all internal administrator accounts to prevent any unauthorized access. The internal security team and the external security service are studying the scale of this incident, and we have already notified the law enforcement agencies about the incident.the company said.

Cloudflare has confirmed the hack, but said that the compromised cameras were located in offices that have been closed for many months, and the incident had no impact on the company’s customers and products. Currently, all problem cameras are already disabled.

No comments have yet been received from Tesla, Equinox and other victims.

Let me remind you about the fact that Elon Musk confirmed that the Russian offered a Tesla employee a million dollars for hacking the company.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *