Dashcams have become essential devices for drivers worldwide, serving as reliable witnesses in case of accidents or roadside disputes.
However, a team of Singaporean cybersecurity researchers has uncovered a disturbing reality: these seemingly harmless devices can be hijacked within seconds and turned into powerful surveillance tools.
The findings, presented at the Security Analyst Summit 2025, reveal how attackers can bypass authentication mechanisms to access high-resolution video footage, audio recordings, and precise GPS data stored on these devices.
The research examined two dozen dashcam models from approximately 15 different brands, starting with the popular Thinkware dashcam.
Most dashcams, even those without cellular connectivity, feature built-in Wi-Fi that allows smartphone pairing through mobile apps.
This connectivity creates a significant attack surface that malicious actors can exploit to download stored data remotely.
Kaspersky security researchers identified that many dashcam models use hardcoded default passwords and similar hardware architectures, making them vulnerable to mass exploitation.
Once connected, attackers gain access to an ARM processor running a lightweight Linux build, opening doors to various proven exploitation techniques commonly seen in IoT device attacks.
Authentication Bypass Techniques
The researchers discovered several methods attackers use to bypass manufacturer authentication. Direct file access allows hackers to request video downloads without password verification, as the web server only checks credentials at the main entry point.
MAC address spoofing enables attackers to intercept and replicate the owner’s smartphone identifier, while replay attacks involve recording legitimate Wi-Fi exchanges for later exploitation.
Perhaps most concerning is the worm-like propagation capability the researchers developed.
They wrote code that operates directly on infected dashcams, allowing compromised devices to automatically attack nearby dashcams while vehicles travel at similar speeds in traffic.
A single malicious payload designed to attempt multiple passwords and attack methods could successfully compromise roughly a quarter of all dashcams in an urban environment.
The harvested data enables complete movement tracking, conversation monitoring, and passenger identification.
Using GPS metadata extraction, text recognition from road signs, and OpenAI models for audio transcription, attackers can generate detailed trip summaries, effectively de-anonymizing victims through analyzed behavioral patterns.
Drivers should disable Wi-Fi when not in use, change default passwords, and regularly update firmware to mitigate these risks.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
