Alarm.com IP Security Camera Vulnerability - Never Fixed After 3 Years
Originally posted to the /r/homedefense subreddit on Sept 30, 2013 by reddit user ahmadnassri, an exploit that could potentially expose your entire network to hackers has been released to the world. On Jan 10, 2017 ahmadnassri released a full walkthrough on how to hack into an alarm.com system and gain access to an extensive list of private data and devices.
The exploit was achieved by decompiling the JAVA player responsible for streaming live video feeds from the camera system. This gives a would be hacker easy access to alarm.com's Master Key and in turn your camera system. While this exploit only applies to older models sold by dealers such as Vivint and Frontpoint Security, there are plenty of these models in the wild to cause concern.
The release of yet another security flaw found in security cameras and devices adds to the long list of vulnerabilities found in recent memory. Until the security industry and manufacturers that are creating devices for the Internet of things begins to take network security seriously we will continue to see dangerous exploits found and utilized.
In most cases, changing the default password on your equipment will protect you from an attack, but that unfortunately is not a sure bet when using cheap or poor quality systems. The old adage "you get what you pay for" always turns out to be true and in this case could mean the difference between your security or being a target.
Check out Arcdyn for professional and secure IP security camera systems