Access to public/private surveillance cameras sold: Italian hacking groups busted

Hacking rings have been busted in Italy for breaking into surveillance cameras and then selling the videos on the Internet. The case shows that the victims had often installed this video surveillance themselves and operated it without any further security measures or updates.



Surveillance cameras in public spaces are, after all, on the rise: more cameras, more security. Private citizens are also surrounding themselves with surveillance cameras: at the front door, in the apartment, in the bedroom, etc. You can get one for little money on Amazon or from a Chinese online shop, stick it on the wall and you're done. Then everything can be watched from a cell phone as a live stream from your own cameras.

The Voyeur

Where there are surveillance cameras, there is also the danger that not only authorized people will want to access the video images. Some footage is boring to death, but private surveillance cameras in houses and apartments may well record compromising or intimate scenes. There is a lucrative market of buyers for stills from the videos or even for the entire live stream.

I had already picked up a case from China in 2021 in the blog post "China: videos from private surveillance cameras on sale". There, hackers had discovered a new business model and sold tens of thousands of videos from hacked security cameras online. Well, many of these videos are pretty boring and show people just sitting in their homes or hotels. But the video clips sold online as "home video packages" may well contain more explosive material.

A criminal network had probably established itself, which also secretly installed surveillance cameras in hotels to satisfy the desire of Chinese users to "find out what the neighbor is doing in his four walls". The videos are offered at a price that depends on the content (from 3 US $) and sold through social media.

With the coronavirus pandemic and the increasing use of chat rooms, webcams and similar home technology, the demand for this kind of thing probably exploded worldwide.



Idea stolen and expanded

This idea from China may also have appealed to some hackers in Italy. Lacking their own surveillance cameras, they decided to access public surveillance cameras. They also included a collection of private surveillance cameras. The whole thing is not even that hard, because the surveillance cameras are connected to the Internet (so that access via smartphone or PC is possible).

Often enough, users don't even change the manufacturer's default passwords for accessing the devices. The other problem area is unpatched security vulnerabilities: either the manufacturer has not closed them, or the user has not installed the firmware update that fixes them. Thus, the video streams of thousands of private surveillance cameras from houses and apartments, bathrooms, bedrooms, etc. can be accessed with little effort.

Two hacker groups formed in Italy at once, and then images and entire videos were sold via social media such as the Russian platform VK or Telegram. A basic subscription went for 20 euros over the counter – those who wanted a premium subscription had to pay 40 euros, but got 24-hour access to the cameras.

Thousands of victims were spied on by the two hacker groups, with the arsenal ranging from footage from private rooms to a locker room in a doctor's office, according to the Italian media outlet La Repubblica. The group advertised "Welcome to the first channel in Europe to work with spycams. A maxi-archive of images from surveillance cameras, where you'll find unique footage: Videos from private homes, nudist beaches, hotels, fitness centers, swimming pools, nightclubs, toilets." That is Big Brother of a different kind, on subscription. Payment was made via PayPal or with Bitcoin. Truly an "attractive offer" for some contemporaries: according to the police, the services of the hacker groups had probably been booked 2000 times.

Busted and seized

However, police in Italy got on the trail of the story and began investigating under the code name "Rear Window" (the original title of Hitchcock's masterpiece). The investigation, coordinated by prosecutors Giovanni Tarzia and Laura Baj Macario and deputies Letizia Mannella and Eugenio Fusco, began in 2019.

At that time, there was a tip from the New Zealand police that led to an arrest for possession of child pornography. While sifting through the seized electronic material, investigators then came across the traces of this illegal trade in surveillance videos. A second lead stemmed from a complaint by a swimming pool user in the province of Monza. The latter was annoyed by the presence of surveillance cameras in locker rooms. The cameras had been installed after a theft, but the images, the complainant had noted, were circulating where they did not belong.

Finally, ten search warrants were executed throughout Italy earlier this week. In total, 10 smartphones, 3 workstations, 5 laptops, 12 hard drives and several cloud storage spaces were seized, as well as all the social media accounts used by the suspects. Eleven people are under investigation, including a Ukrainian citizen who cannot be located at the moment. This was announced at a press conference held by the prosecutor's office in Milan. The prosecutor's office also provided further details.

The two criminal groups, which were rooted out by the Milan police under the leadership of Director Tiziana Liguori, operated in parallel. The groups had a clearly defined structure: very young hackers who attacked NVRs (digital video recorders). Among them was a 17-year-old from Rimini with amazing computer skills. But there were also more experienced promoters, including a 43-year-old commercial artist from Milan, who was probably in charge of marketing and PR (publicity). There were even quality controls on the material so that an archive of images and videos could be offered to interested parties.

