The New OilBackdoors in #VStarcam cameras
https://palant.info/2026/01/07/backdoors-in-vstarcam-cameras/
Wladimir PalantAs you might have noticed, I’ve been looking into VStarcam firmware lately. My analysis of 367 firmware branches found something astonishing: starting with approximately 2022 VStarcam has been systematically and intentionally undermining the security of their cameras, adding mechanisms designed to leak the authentication password. While we can only speculate about the reasons, it’s clear that these cameras cannot be trusted with access to the Internet. https://palant.info/2026/01/07/backdoors-in-vstarcam-cameras/
I’m having some fun with VStarcam firmware, so why shouldn’t you? After downloading hundreds of their firmware updates I decided to document all these numerous proprietary formats. This even included figuring out a proprietary compression algorithm (not the one I asked about here a few days ago, that one is still a mystery).
https://palant.info/2025/12/15/unpacking-vstarcam-firmware-for-fun-and-profit/
erAckOne of your neighbours maybe got one. If you own one: throw it away.
Security cameras vulnerable to hijacking
https://hacked.camera/
https://krebsonsecurity.com/2019/04/p2p-weakness-exposes-millions-of-iot-devices/
https://heise.de/-4409298
#security #hijack #IoT #P2P #iLnkP2P #HiChip #TENVIS #SV3C #VStarcam #Wanscam #NEOCoolcam #Sricam #EyeSight #HVCAM