Web

Shodan, the search engine that points hackers directly to your webcam

shodan search engine webcam hackers

The U.S. Federal Trade Commission issued a complaint on Wednesday against Internet-connected device maker Trendnet due to a security flaw in one of its webcams – a device marketed for home security and baby monitoring – that let hackers spy on people in their homes. The complaint is the first issued by the FTC that concerns a device included in the category we know as the “Internet of Things.” But thanks to a specialized search engine for Internet-connected devices called Shodan, the FTC’s Trendnet complaint is likely only the beginning.

Countless devices, ranging from webcams to electrical power plants, are insecurely connected to the Internet, making them vulnerable to hacker intrusions and other cyberattacks. Hundreds of millions of these devices can easily be found through Shodan, which indexes the “Internet of Things” in the same way Google indexes websites. It is through Shodan that the FTC – or anyone else – will likely discover the next Trendnet.

As Forbes reports, Shodan was created by John Matherly in 2009. It was originally conceived as a way for companies to find competitors’ products connected to the Internet. “Instead, it’s become a crucial tool for security researchers, academics, law enforcement and hackers looking for devices that shouldn’t be on the Internet or devices that are vulnerable to being hacked,” writes Forbes’ Kashmir Hill.

Anyone can use Shodan by signing up for a free account, which gets you 10 results per search. (A $20-per-year premium account delivers 10,000 results per search.) Once logged in, simply type in a search term, like “webcam” or “iPad,” and Shodan brings up a slew of results, which can be narrowed by country or city, connection type, and company or organization associated with the device or connection. The data might seem meaningless to technically un-savvy users. But to a security researcher, nefarious hacker, it tells them where a device is, and how it might be exploited. Shodan’s database currently includes roughly 1.5 billion Internet-connected devices and facilities, which include routers, VoIP phones, red light traffic cameras, printers, and smart refrigerators, among many other things.

Shodan works by cataloging automatic responses issued by any connected computer known as “banners.” Banners contain a variety of data about the computer or service. Sometimes it even includes the default password for a device or server, which means Shodan users can simply search “default password” and quickly have the keys to vulnerable devices.

While one might be tempted to blast Matherly for creating an easy way for hackers to find Shodan – in the same way Hollywood condemns The Pirate Bay for facilitating copyright infringement – Matherly says it is the creators of the unprotected devices that should bear the burden of responsibility. “I don’t consider my search engine scary,” Matherly tells Forbes. “It’s scary that there are power plants connected to the Internet.”

There are a number of ways to protect yourself from the kinds of intrusions facilitated by Shodan. First, change the password on any device you have that connects to the Internet so nobody can slip in just by entering the default password. For devices that don’t need to be connected to the Internet at all (like some home security cameras, for example), instead connect them to a LAN (Local Area Network), which you can learn to set up here. Finally, just to make sure you’re safe, you can search Shodan for the IP address of any of your connected devices by typing in “net:YOUR.IP.ADDRESS” to see if your are vulnerable.

Image courtesy Blazej Lyjak/Shutterstock

Smart Home

Man claims hacker talked to him through his Nest security camera

An Arizona man claims a white hat hacker was able to communicate with him through a hacked Nest Cam IQ internet-connected security camera and warn him about a vulnerability in the device.
Computing

Best free parental control software for PC, Mac, iOS, and Android

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and Mac OS X, so you can monitor your child and block unsavory sites.
Music

Apple Music vs. Spotify: Which service is the streaming king?

Apple Music is giving Spotify a run for its money, but which service is best for you? In our Apple Music vs. Spotify showdown, we compare and contrast all we know about the two streaming music services.
Social Media

This band owns Twitter, according to list of top accounts and tweets for 2018

What was the biggest buzz on Twitter in 2018? Twitter's 2018 Year in Review highlights the biggest tweets, accounts, and hashtags. The most-tweeted celebrities, movies, TV shows, athletes, politicians and more in Twitter's 2018 trends.
Social Media

What do yodeling and Kylie Jenner have in common? YouTube’s top 2018 videos

In a true nod to the variety found on YouTube, the platform's top 10 list of videos from 2018 range from celebrities to sports, from perfectly tossing a picture frame on the wall to a kid yodeling in aisle 12 at Walmart.
Computing

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.
Web

Google’s updated Santa Tracker entertains and teaches coding throughout December

Google's Santa Tracker is in its fifteenth year and is back again with even more features. You can have fun with more than 20 games, learn about different holiday traditions around the world, and enjoy some festive animations.
Computing

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.
Computing

Tired of paying a monthly fee for Word? The best Microsoft Office alternatives

Looking for a competent word processor that isn't Microsoft Word? Thankfully, the best alternatives to Microsoft Office offer robust features, expansive compatibility, and an all-too-familiar aesthetic. Here are our favorites.
Computing

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.
Computing

Microsoft is ‘handing even more of online life’ to Google, Mozilla CEO says

Not everyone is happy with Microsoft's switch to Google's Chromium engine. In a new blog post, Mozilla CEO Chris Beard writes that he believes the move is "handing online life control" to Google.
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Computing

How to easily record your laptop screen with apps you already have

Learning how to record your computer screen shouldn't be a challenge. Lucky for you, our comprehensive guide lays out how to do so using a host of methods, including both free and premium utilities, in both MacOS and Windows 10.
Computing

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.