Hacker exploits child monitoring camera, cybercriminals using mobile ad networks to siphon money and Google increases the rewards for its bug bounty program

Hacker shouts abuse at child through monitoring camera
A hacker has exploited a vulnerability in a camera marketed as an ideal ‘baby monitor’ in order to shout abuse at a two-year-old child in Texas. The baby’s parents heard a voice coming from the camera as it directed offensive and sexualised language at their young child who was asleep in bed. The camera is manufactured by Foscam, who have recently released an emergency fix for vulnerabilities like this, although it’s not clear whether the parents had applied the emergency updates. The child’s parents have described the fact that their daughter is deaf as ‘something of a blessing’ under the circumstances.

Malware using mobile advert networks to steal money
Cybercriminals from Asia are reportedly using mobile ad networks to steal money from their victims. App developers normally assess the ad networks that they choose to partner with before entering into any agreements, but those that don’t leave themselves open to malicious ad networks. These networks can run their own software in otherwise legitimate apps, and download malware to the user’s smartphone. This malware then sends text messages to premium rate numbers and downloads instructions from a command and control server, effectively siphoning off the user’s money. Android users are advised to only download apps through Google Play, which runs its own scans for these kinds of scams.

Google increases bug bounty programme rewards
Google has announced that it has paid out nearly $2m to security researchers who have uncovered bugs for the company. To celebrate the success of the reward scheme, Google is now set to increase the amount of money on offer to anyone who first alerts them to bugs in future. In some instances this could mean an increase of up to five times the previous reward. Providing a patch along with the bug report will still earn researchers a bonus, and bonuses will continue to be awarded for the discovery of bugs in critical pieces of open source software.