Subscriber Discussion
Botnet Of 900 IP Cameras Launch DDOS Attack
Nearly one thousand geographically disparate ip cameras have been launching coordinated distributed denial of service attacks against an unidentified targets, reported Incapsula
The attack was run of the mill, peaking at 20,000 requests per second (RPS). The surprise came later when, upon combing through the list of attacking IPs, we discovered that some of the botnet devices were located right in our own back yard. Further investigation of the offending IPs showed that they belonged to CCTV cameras, all accessible via their default login credentials.
Further research showed that these cameras had been used in previous attacks possibly by unrelated hackers.
At the bottom of that post, we asked them what cameras were involved. Their response:
"In this case it wasn't any particular manufacturer or camera model, just a seemingly random cluster of cameras that were configured to allow remote access, while also being accessible via default/easy-to-guess credentials. (e.g., amdin/admin, admin/12345, etc) You can find those is the strings dump above."
Where on the scale of white hat/black hat would you place a bot that helpfully changes the admin password to something random and unguessable? The technology seems trivial: from zombies to doorstops, maybe even permanently if there's no hardware reset button.
Newest Discussions
Discussion | Posts | Latest |
---|---|---|
Started by
Undisclosed End User #1
|
3
|
less than a minute by Jerome Miller |
Started by
Jermaine Wilson
|
3
|
less than a minute by Ryan King |
Started by
Undisclosed #1
|
4
|
less than a minute by Ryan King |
Started by
John Honovich
|
12
|
less than a minute by Dwayne Cooney |
Started by
Undisclosed #1
|
1
|
less than a minute by Undisclosed #1 |