The Quebec Liberal Party (PLQ), a federalist provincial political party in Canada, has fixed a
security issue in their video conferencing software that allowed an
unknown hacker to spy on their meetings and even access the video camera
feeds when he wanted.
Fortunately, the man who gained access to this
system had no malicious intent and appropriately disclosed the issues to
the PLQ staff so that they could secure their system.
PLQ video conferencing system used default admin password
The unnamed white hat told Canadian journalists that
the PLQ's software contained a security flaw and also used the factory
default password, according to the Le Journal de Montreal.
The hacker said he accessed the party's video feeds
during PLQ meetings. He explained he logged into the video conferencing
software multiple times and observed PLQ meetings on different
occasions.
The white hat wanted to remain anonymous and asked a
reporter of Le Journal de Montreal to report on the issues on his
behalf. To validate his intrusion claims, the hacker told the reporter
about some of the topics discussed in the meetings.
Additionally, the hacker was also able to start the
video feed from PLQ's cameras on demand and have a look at the party's
HQ whenever he wished. The hacker provided screenshots to prove his
claims.
PLQ acknowledges hack, fixes issues
PQL officials confirmed the breach but said that no
sensitive, nation-level issues were ever discussed in these meetings. It
appears the hacker spied on meetings between PLQ's Quebec and Montreal
branches.
After spending a few days investigating the issue,
PLQ officials have told the reporter that they fixed the illegal access
bug and changed the video conferencing software's default password.
PLQ officials did not say if the hacker used the default password or the security bug to access their network.
Комментариев нет:
Отправить комментарий