Your IP Camera Can Be Abused for Payments: A Study of IoT Exploitation for Financial Services Leveraging Shodan and Criminal Infrastructures

Download PDF
Open Webpage

Yuba Raj Siwakoti, Manish Bhurtel, Danda B. Rawat, Adam Oest, RC Johnson

Published: 2024, Last Modified: 06 Nov 2025IEEE Trans. Consumer Electron. 2024EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: The Internet of Things (IoT) devices are being abused by exploiting their vulnerabilities. Despite the significant efforts to improve IoT security, IoT devices are still at higher risk of exploitation than computer systems. First, this paper identifies vulnerable IoT devices by applying a sampling strategy incorporating Common Vulnerabilities and Exposures (CVE) entries, Shodan’s exposure, and public research documents. Then, we investigated IoT abuses in financial crimes for 17 months (October 2021 to February 2023) by mapping IoT devices exposed by Shodan with proxies found in the darknet, underground forums, and Telegram channels. After investigation, we conclude with reasonable confidence that exposed IoT devices are taken over and abused as proxies in criminal activities such as credential stuffing attacks and financial crimes like illegal money transfers, cryptocurrency trading and stealing, and credit card fraud. Our study reveals that cameras (IP, network, security) are mostly abused IoT devices as proxies, followed by NAS storage.