South Koreans have long faced the threat of “molka"—hidden cameras in public spaces. Now, that fear has moved into the sanctuary of the home.
In December 2025, the National Police Agency of South Korea recently announced the arrest of four individuals involved in the hacking of 120,000 home security cameras, using private footage to create and sell non-consensually shared explicit imagery (NCSEI).
While the arrests mark a legal victory, the incident highlights the scale of tech-faciliated abuse. The footage, stolen from hacked internet-protocol (IP) cameras in homes, hospitals, and saunas, was sold for thousands of dollars to offshore hosting providers specializing in distributing illegal content.
In exchange for the NCSEI videos, one suspect was allegedly paid over $24,000 worth of virtual assets and another about $12,000.
South Korean law enforcement is also investigating the website operator and people who viewed the footage, the release stated.
The hacked cameras were protected with names and passwords that were “found to be simple, consisting of repeated characters or combinations of sequential numbers or letters,” according to the public release statement, calling for users of internet-connected cameras to regularly change their passwords.
This is not the first incident of IP cameras being exploited. In 2020, researchers discovered over 1 million surveillance cameras and over 125,000 surveillance servers publicly accessible to the Internet. In 2014, the Mira botnet targeted surveillance systems, infecting over 600,000 devices worldwide.
In an interview with the New York Times, the head of the National Police Agency’s Cyber Terror Investigation Unit, Kim Young-woon, stated that case suspects were charged with violating laws against hacking.
Three suspects face additional charges of creating or selling NCSEI, including content involving children, he said. The fourth suspect was released after being arrested.
The number of victims is anyone’s guess, Mr. Kim said, adding that the website where the illicit videos were shared was also under investigation.
Authorities did not disclose the origin of the cameras that had been hacked, nor their manufacturers.
How the Hacking Occurred
The police confirmed that the hackers did not use sophisticated software to bypass security. Instead, hackers exploited human vulnerability.
Simple Passwords: Most compromised cameras used sequential numbers (123456), repeated characters (aaaaaa), or “admin/admin” defaults.
Unregulated Hardware: Many of the cameras were direct buy imports from manufacturers that did not meet local security standards or require password changes upon setup.
Network Exposure: Because IP cameras transfer data over the internet, any device with a weak password is effectively visible to anyone with the camera’s IP address.
NCSEI is More Than Just a Leak
When private footage or imagery is stolen and shared, this is categorized as Non-Consensually Shared Explicit Imagery (NCSEI), an issue broader than “leaked pictures” or “revenge porn”. It is essential to recognize the impact of NCSEI:
Violation of Privacy: Home is meant to be a sanctuary. This breach turns tools of care (baby monitors, pet cams, home security cameras) into tools of trauma.
Digital Permanence: NCSEI victims face ongoing anxiety that their private moments will remain on the internet indefinitely.
Psychological Toll: NCSEI is a form of image-based sexual abuse that can lead to severe anxiety, depression, and social withdrawal.
Securing your Space
If you own an internet-connected camera, take these steps immediately to ensure your privacy:
1. Change Default Passwords
Change the default passwords of all internet-connected devices immediately. A secure password should be at least 12 characters, including a mix of symbols, numbers, and upper/lowercase letters. Avoid consecutive patterns of letters (aaaaa)or passwords with dictionary words (password).
2. Enable Multi-Factor Authentication (MFA)
If your camera’s app supports it, enable MFA, also known as 2-factor authentication (2FA). This ensures that even if a hacker guesses your password, they cannot access the feed without a code sent to your phone.
3. Update Firmware Frequently
Manufacturers release “patches” to fix security holes. Check your camera’s mobile app or the manufacturer’s website for software updates at least once a month.
4. Physical Privacy
If you use a camera to monitor a pet or a room while you are away, consider a model with a physical privacy shutter that covers the lens when you are home. Alternatively, unplug the device when it is not needed.
Conclusion
While technology has changed the landscape of privacy, it does not change our fundamental right to feel safe in our own homes. By securing our devices and supporting survivors of NCSEI, we can begin to reclaim the sanctuary of the home from those who seek to exploit it.
A message to survivors: violation of your digital space is never your fault, and there are resources available to help you take back control.
