Camera hacked behind VPN?

foscam?

n3wb
I recently bought 2 cheap Foscam IP cameras and hooked them both up about 5 days ago. 2 days later I was messing around in the settings and saw that it logged the IP address when someone logs in, and shows what user they logged in as. I noticed a couple of weird IP addresses in the list and did a whois on them; one was from Germany and one from the UK.

Some details:
I upgraded the firmware as soon as I hooked them up
I changed the default password to something else
I enabled port forwarding on my router so that I could access them remotely
I connected to the cameras (not using HTTPS) using a few popular Android apps while I was playing around trying to figure out which app to use

It was after all that that someone from Germany connected to both cameras. I had a thought - could one of the apps have stolen my info (IP address, username, password)? Sounds crazy, but I got hacked really fast.
Or are the cameras so insecure and vulnerable that someone scanned my ports that fast, found both the cameras, and bypassed the built-in security and logged in?


SO, I thought enough of that, I'll disable port forwarding and put them behind a VPN. Within 6 hours of doing this, someone from Germany connected again. WHAT?? How is that even possible?? Anyone have any thoughts? The ONLY thing I can think of is if when they first connected, they injected some kind of code/hacked firmware that opens up a port that the router is not blocking. I read somewhere (can't find it now) an article where it talked about that being possible - that is, injecting some hacked firmware for devious purposes such as gaining access to your network.
I have a couple of Hikvision cameras that have port forwarding somehow built into the camera settings - i.e. you don't have to manually forward the port with the router for some reason. So maybe they did something like that. Have some backdoor port they opened that the router is not blocking.

I need help. Any ideas of what is going on? Or any ideas of how to fix this mess? First thought is to get rid of the cameras and hard-wire some better quality ones (like Hikvisions), but it's just so far out there in the yard (chicken coop) that I tried a wireless Hikvision and it didn't reach with its built-in antenna. I don't wanna run 150' of CAT5 if I don't have to.
 

nayr

Do you have UPnP enabled on your router? Your cameras can open their own ports that way...

Otherwise set up a rule on your firewall to block your cameras from accessing anything on the internet; could be coming via p2p/cloud backdoor.

Cameras are full of security issues, no telling really.. consider them hostile devices on your network.. I do.
 

Stealth22

Do you have UPnP enabled on your router? Your cameras can open their own ports that way...

Otherwise set up a rule on your firewall to block your cameras from accessing anything on the internet; could be coming via p2p/cloud backdoor.

Cameras are full of security issues, no telling really.. consider them hostile devices on your network.. I do.
Good advice. I plan to keep mine on a separate network entirely, lol.
 

CamFan

Don't ever trust these cheap cameras or any IoT device to share my network and have internet access. Like Nayr says, they are hostile and not trustworthy. Full of security flaws, known and unknown.

Check out Shodan to see if you show up.

I use the parental restrictions in my router to never allow them any internet access 24/7. MAC address based. Had to set up an NTP time server on my NVR to allow them to sync time. Otherwise, they are internally accessible and I use my NVR to access them. Milestone XProtect, which I hope is Enterprise grade, hardened and secure. It should be, they sell their software to airports, municipalities and other entities that likely get attacked on a regular basis. Probably can't say that for Blue Iris.

And turn off that port forwarding. Use ShieldsUP from GRC to check for open ports.
 

Abbell

I upgraded my firewall yesterday... 108 attack attempts failed. I banned the IPs. I am still considering moving the cameras to a separate router on my network and then using my firewall DNS for routing.
Kill UPnP, Bonjour, multicasting and then set up trusted IPs if your cameras have the ability. I did this and I either connect to my cameras through BI or on my LAN on a computer in the correct IP range.
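
The check the original poster did by eye on the camera's login list, combined with the trusted-IP idea from this thread, as an added example that is not from any poster: it flags logins whose source address is outside the ranges you expect. The log layout, the trusted ranges and the sample lines are assumptions constructed for illustration; real camera logs differ per vendor.

```python
import ipaddress
import re
from collections import Counter

# Assumed trusted ranges: the home LAN and a VPN subnet (both hypothetical).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "10.8.0.0/24")]

# Constructed sample in an assumed "date time user ip login" layout.
# Public addresses are documentation ranges (RFC 5737), not real hosts.
SAMPLE_LOG = """\
2016-03-29 18:02:11 admin 192.168.1.23 login
2016-03-30 02:14:55 admin 203.0.113.77 login
2016-03-30 02:15:03 admin 203.0.113.77 login
2016-03-30 09:40:00 viewer 10.8.0.6 login
2016-03-31 04:01:27 admin 198.51.100.9 login
2016-03-31 04:05:00 admin not-an-ip login
"""

LINE_RE = re.compile(r"^(\S+ \S+)\s+(\S+)\s+(\S+)\s+login$")

def is_trusted(addr):
    """True if addr falls inside one of the trusted networks."""
    return any(addr in net for net in TRUSTED_NETS)

def untrusted_logins(log_text):
    """Return (Counter keyed by (user, ip) for logins from outside
    TRUSTED_NETS, list of lines that could not be parsed)."""
    hits, unparsed = Counter(), []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        try:
            addr = ipaddress.ip_address(m.group(3)) if m else None
        except ValueError:
            addr = None  # source field is not a valid IP address
        if addr is None:
            unparsed.append(line)  # keep for manual review, do not drop
        elif not is_trusted(addr):
            hits[(m.group(2), str(addr))] += 1
    return hits, unparsed

if __name__ == "__main__":
    hits, unparsed = untrusted_logins(SAMPLE_LOG)
    for (user, ip), n in hits.most_common():
        print(f"{n} login(s) as {user} from {ip}")
    for line in unparsed:
        print("unparsed:", line)
```

Any hit means the camera is still reachable from outside the trusted ranges, whether through a port forward, a UPnP mapping or a P2P/cloud relay.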
 