This top security camera streaming app may have been putting thousands of users at risk


  • Virtavo, a company selling web cameras and other security solutions, was found exposing user data
  • Researchers at Cybernews found a large database full of PII unprotected
  • The archive has since been closed down

Home security solutions provider Virtavo has been accused of harvesting and exposing sensitive data on (possibly) hundreds of thousands of users.

Cybersecurity researchers from Cybernewsfound an exposed data server with 3GB of personal information and telemetry from iPhones. in the summer of 2023

All the information had one thing in common – it was generated from an app called Home V, which manages Virtavo security cameras. These cameras allow video streaming, playback, two-way communication, motion alerts, and more.

Hundreds of thousands of users

The database included people’s phone numbers, device identifiers, IP addresses, firmware versions, and other device, network, and user information. The researchers said the data could be used to identify camera owners, which is particularly concerning. Furthermore, the data was updated in real-time, which is the Holy Grail of data for all cybercriminals.

In total, the server held more than 8.7 million records. Not all of them were unique, and some identifiers appeared up to 50 times. This led the researchers to speculate that at least 100,000 users are affected by the leak.

Most are located in China, but there are plenty of users from other parts of the globe, as well.

“The detailed device identifiers, IP addresses, user phone numbers, and other personal information can be exploited by malicious actors for various purposes, including targeted attacks, unauthorized access, identity theft, and surveillance,” the researchers said. “Updates in real-time exacerbate the issue, as it allows for continuous collection of fresh data.”

The researchers reported their findings to both the company and the Chinese Computer Emergency Response Team (CERT), and the server was subsequently shut down. However, it remains unclear if any malicious actors found it before.

Via Cybernews

You might also like