Security News Over nine million cameras and DVRs open to APTs, botnet herders, and voyeurs

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.zdnet.com/article/over-nine-million-cameras-and-dvrs-open-to-apts-botnet-herders-and-voyeurs/
Re-branded IP cameras and DVRs sold by over 100 companies can be easily hacked, researchers say.
Millions of security cameras, DVRs, and NVRs contain vulnerabilities that can allow a remote attacker to take over devices with little effort, security researchers have revealed today.
All vulnerable devices have been manufactured by Hangzhou Xiongmai Technology Co., Ltd. (Xiongmai hereinafter), a Chinese company based in the city of Hangzhou.

But end users won't be able to tell that they're using a hackable device because the company doesn't sell any products with its name on them, but ships all equipment as white label products on which other companies put their logo on top.

Security researchers from EU-based SEC Consult say they've identified over 100 companies that buy and re-brand Xiongmai devices as their own.
All of these devices are vulnerable to easy hacks, researchers say. The source of all vulnerabilities is a feature found in all devices named the "XMEye P2P Cloud."
Click to expand...
 
  • Like
Reactions: upnorth, spaceoctopus, harlan4096 and 3 others
DeepWeb

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Anything that can be programmed can be hacked as Mikko Hypponen said. But are people gonna bother? We live in great times where fortunately malware writers are too lazy to try anything that specific. We all want to put as little work as possible for the greatest effect so going after something that specific is only on the radar of nation states and even they won't bother unless it's a person of high interest to them.
 
  • Like
Reactions: spaceoctopus
K

Kubla

Level 8
Verified
Jan 22, 2017
355
DeepWeb said:
Anything that can be programmed can be hacked as Mikko Hypponen said. But are people gonna bother? We live in great times where fortunately malware writers are too lazy to try anything that specific. We all want to put as little work as possible for the greatest effect so going after something that specific is only on the radar of nation states and even they won't bother unless it's a person of high interest to them.
Click to expand...

I suppose if you are a nation that built its economy around espionage and reverse engineering and have millions of security cameras, DVRs, and NVRs in 100's of companies many of which are no doubt used to monitor employees working on their newest tech, classified projects etc... would come in quite handy.
 
  • Like
Reactions: DeepWeb
You must log in or register to reply here.

Similar threads

silversurfer
    • Wow
    • Like
    • Sad
Over 100,000 medical infusion pumps vulnerable to years old critical bug
Replies
1
Views
1,220
News Archive
Whitlow19
W
LASER_oneXM
    • Wow
    • Like
Access:7 vulnerabilities impact medical and IoT devices
Replies
0
Views
788
News Archive
LASER_oneXM
LASER_oneXM
Gandalf_The_Grey
    • Like
Popular vehicle GPS tracker gives hackers admin privileges over SMS
Replies
0
Views
643
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top