Updated 2:12 PM EST, Wed, Jan 29, 2020

Make CT Your Homepage

Chinese Firm Issues Recall for Webcams and DVRs used as Botnets in Global DDoS Attack


(Photo : Hangzhou Xiongmai Technology ) Xiongmai AHD/IP HD Block camera module.

A Chinese electronics company based in the city of Hangzhou, China's Silicon Valley," has ordered a worldwide recall of its webcams it admits were used as botnets by unknown hackers to practically cripple internet service in the United States on Oct. 21.

Hangzhou Xiongmai Technology Co., Ltd. issued a recall of "all the circuit boards and components made by Hangzhou Xiongmai that go into webcams." Media reports said the company discovered some of its older products made before September 2015 don't require users to change the default password.

Like Us on Facebook

As a result, these products were just begging to be hacked, which they were during the massive DDoS (distributed denial of service) attack. Hackers used the freely available Mirai malware to transform Hangzhou Xiongmai's webcams and DVRs into botnets that became part of the huge network attacking the servers of American internet services firm Dyn DNS Company based in New Hampshire.

Dyn said it was attacked three times. The attack caused major sites including Twitter, Reddit, GitHub, Amazon, Netflix, Spotify and Runescape to become unreachable. The cyberattacks caused outages for many across the East Coast in the U.S.

"Mirai is a huge disaster for the Internet of Things," said Xiongmai in a media statement. "(We) have to admit that our products also suffered from hacker's break-in and illegal use."

Xiongmai said it concentrates on security surveillance, which is particularly worrying following the massive takeover of its cameras during the DDoS attack.

"Our business mainly involves in security monitoring module, main board, supporting software and product solutions which contains AHD models as well as its motherboards, network HD models as well as its motherboards, AHD/network integration movements, automatic focusing modules, QQ content couplet modules , CMS, VMS, SNVR, MYEYE monitoring platform software, cloud services and so on<' explained the company on its website.

The attacks dramatically illustrated the glaring lack of security among hundreds of millions of connected Internet of Things (Iot) devices present in homes, businesses and other locations worldwide. The Oct. 21 DDoS attack transformed these non-secure IoT devices into botnets. Without the IoT devices, the scale of this attack would have been impossible.

Hangzhou Xiongmai said the weak default passwords in some of its devices were to blame for their use in the DDoS attacks.

Mirai malware exploited security vulnerabilities and infected the IoT devices, employing them in a botnet to launch massive DDoS attacks.

Mirai wreaks havoc by hijacking IoT devices to form a huge connected network and assault websites with requests, overloading them until effectively knocking them offline.

Mirai has reportedly spread to at least 500,000 devices and shows no signs of slowing down.

Real Time Analytics