Subscriber Discussion

Bot Targeting Hikvision

UI
Undisclosed Integrator #1
Mar 01, 2017

We've had four customers in the last couple of weeks locked out of their Hikvision recorders by what looks like bot. All clients were on old firmware with default admin password of 12345 and default ports -I know, I know, they were all installs from years ago who we hadn't visited since. In all cases the admin password has changed and a new SYSTEM user has been added. Our Hikvision distributor has been inundated with pw reset code requests.

If you have any Hikvision users/clients on defaults I'd suggest contacting them and changing the admin password ASAP. 

Avatar
Brian Karas
Mar 01, 2017
IPVM

We have heard multiple reports of this, but have not been able to track down the root source of this yet, or additional info.

Try "123" for the new password on the admin account, I heard from one source that is what they determined the admin password was changed to.

This was also reported here: Hikvision Default Password Changed Mysteriously - Hacked?

UI
Undisclosed Integrator #1
Mar 01, 2017
In reply to Brian Karas

OK, will try 123 if another hacked NVR comes up.

Avatar
Jon Dillabaugh
Mar 02, 2017
Pro Focus LLC

Sounds very familiar

(1)
New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions