2 Million IoT Devices Vulnerable to Complete Takeover

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Over 2 million IP security cameras, baby monitors and smart doorbells have serious vulnerabilities that could enable an attacker to hijack the devices and spy on their owners — and there’s currently no known patch for the shared flaws.

The attack stems from peer-to-peer (P2P) communication technology in all of these Internet of Things (IoT) devices, which allows them to be accessed without any manual configuration. The particular P2P solution that they use, iLnkP2P, is developed by Shenzhen Yunni Technology and contains two vulnerabilities that could allow remote hackers to find and take over vulnerable cameras used in the devices.

“Over 2 million vulnerable devices have been identified on the internet, including those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, Eye Sight and HVCAM,” said Paul Marrapese, a security engineer who discovered the flaws, in a post last week. “Affected devices use a component called iLnkP2P. Unfortunately, iLnkP2P is used by hundreds of other brands as well, making identification of vulnerable devices difficult.”
 

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Hopefully those flaws will be solved very soon. IoT is very useful and can be very powerful with smart devices, for example smart webcams that can be very good to improve security.
 

Entreri

Level 7
Verified
May 25, 2015
342
This is not Apple, Google or Microsoft.

They have neither the expertise, $$$ or even the care to fix these issues.
IoT devices created by many companies, often times small ones. These security holes will never get fixed.

Essentially you need Apple or say one of the security companies like BitDefender to create the specific IoT.
 

Andrew Williams

New Member
Sep 5, 2017
2
There honestly needs to be legislation to keep these IoT manufacturers held accountable for their lack of support for their products. They have a responsibility to their customer's privacy and security to not just blindly allow these things to happen and not support them. The threat landscape is always evolving. Let's just hope that the security landscape can keep up. smh :rolleyes:
 
  • Like
Reactions: upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top