Trillions of IoT devices are at high-risk today, as the hackers are obtaining control over all the devices. A recent blog post by the researchers at Senrio, on Tuesday, revealed a new vulnerability and named it as Devil's Ivy. "We named the vulnerability Devil's Ivy because, like the plant, it is nearly impossible to kill and spreads quickly through code reuse," the post said. Researchers said Devil’s Ivy executes remote codes which help the hackers in retrieving the video capture from camera.
Approximately, 249 cameras designed by Axis Communications are vulnerable. Not only Axis but also other 34 companies such as Xerox, IBM, Microsoft and Adobe that are part of ONVIF (Open Network Video Interface Forum) are being attacked by hackers easily.
Researchers said that the code written while developing the software is responsible for the errors generated from ONVIF Forum. According to the Senrio blog post, nearly 6% of ONVIF people are using gSOAP. The Software companies which are depending on the gSOAP to develop their products and services will be affected by Devil’s Ivy.
“Devil’s Ivy highlights the industry’s growing concern with the security of IoT. We forget or don’t realize that many of the devices we use everyday are computers— from the stoplight at your street corner to the Fitbit you wear on your wrist — and therefore are just as, if not more, vulnerable as the PC you sit in front of everyday,” researchers said.