I received a half dozen calls today regarding systems that were hacked overnight. These people were none of my customers. The first business I arrived at had a log which I will post below. It appears they had the users 888888 as default. Of the four calls I handled today they were on HDCVI recorders as well as a NVR.
This is just to inform installers of the latest hack and to remember to change all default passwords.
I was unable to add the picture but the Hack logged in with an IP address of 185.15.27.223 through user 888888 on 9-22-2017 @ 23:10 hours.
#1, this is unfortunately happening all over the world. See this discussion from a few days ago with more details: Hacks Striking Old Dahua Units
We are preparing a full report for tomorrow morning.
Thanks for sharing!
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.