Manufacturers are putting web interfaces on everything - cameras, light switches, routers. Hackers are making malware to exploit this - here is one such example from The Register:
Surveillance camera compromised in 98 seconds
Robert Graham, CEO of Errata Security, on Friday documented his experience setting up a $55 JideTech security camera behind a Raspberry Pi router configured to isolate the camera from his home network.
According to Graham's series of Twitter posts, his camera was taken over by the Mirai botnet in just 98 seconds.
Mirai conducts a brute force password attack via telnet using 61 default credentials to gain access to the DVR software in video cameras and to other devices such as routers and CCTV cameras.
After the first stage of Mirai loads, "it then connects out to download the full virus," Graham said in a Twitter post. "Once it downloads that, it runs it and starts spewing out SYN packets at a high rate of speed, looking for new victims."
Learn how to set up a firewall or pay someone to do it for you. Change the default passwords on all your web-based devices.
Leave a comment