Launched in 2009, Shodan is a search engine developed by programmer John Matherly. Accessed through a web address, the system drew attention for its controversial proposal: to search for different types of devices connected to the internet. The results offered by the service can be used by hackers and internet users with malicious intent to invade the privacy and data of unsuspecting users worldwide – however, this may not be your only application.
What is Shodan
Matherly started the project in 2003, with the first concept of searching for devices, rather than words, on the internet. Currently, still in operation, Shodan is able to find everything from simple webcams to complex hydroelectric control systems.
Although not directly a problem, the system facilitates, in a way, cybercriminal practices – since it exposes the IP addresses of various devices of unprotected users with high availability. Shodan received visibility from the general public in 2013, in an article in the American magazine Forbes.
The article in question commented on the types of devices detected by Shodan, including security and heating systems for banks, universities and large corporations, as well as telling an uncomfortable case about their capacity.
Hacker invades baby monitor
The story tells the story of the American Marc Gilbert, 42, resident in the city of Houston, Texas. In an unhappy surprise, after celebrating his 34th birthday, Gilbert heard a strange voice coming from his daughter’s room, just two years old. As he ran to check the situation, he realized that the sound was being emitted by the baby monitor and immediately unplugged it. According to him, the voice ordered the child to wake up, calling him by an obscene and inappropriate term.
The attacker would have obtained access to the baby monitor through its maintenance system, overwriting the default password of these devices – which tends to be “admin” in most cases. According to Forbes, the Shodan would have been the likely tool used by the criminal in the act.