Subscriber Discussion

Infected iOS Apps - Hikvision - Ivms-4500

UE
Undisclosed End User #1
Sep 21, 2015

You may want to check your iphone and your employees iPhones to see if they have infected iOS apps on their phone. Apple has supposedly removed the infected apps from the Apps Store, however, they did not remove it from your phone if you have it installed on your phone. Check out the full list of apps as there are a few popular apps that are infected. For our industry, I noticed that iVMS-4500 was an infected malware app. I looked it up and it is HIK Visions app,

HIK Visions APP

Full List

(1)
JH
John Honovich
Sep 21, 2015
IPVM

Thanks for sharing. We already emailed Hikvision this morning requesting comment. We will update as we review ourselves and get feedback from Hikvision.

(1)
UM
Undisclosed Manufacturer #2
Sep 21, 2015
In reply to John Honovich

THE reason why America should not use Chinese electronics in the security field...

"The majority of cyberspace is created and maintained by the private sector and most cyber weapons have their origins in the non-state sector as well, including sophisticated cyber weaponry. As a consequence, in any cyber conflict, in order for a nation to be able to adequately project cyber power and conduct operations in cyberspace with the maximum impact, it needs the cooperation of the private sector."

http://thediplomat.com/2015/03/why-the-pla-revealed-its-secret-plans-for-cyber-war/

(2)
UM
Undisclosed Manufacturer #4
Sep 21, 2015
In reply to Undisclosed Manufacturer #2

.....OR

China To Invest In UK Nuclear Plant

U
Undisclosed #3
Sep 21, 2015

wonder if Joe Coe covered downloading malicious versions of Xcode when making apps for iOS

Cybersecurity and Video Surveillance: How to Protect Your IP Video Network - by HikVision https://event.webcasts.com/starthere.jsp?ei=1073656

(1)
(2)
Avatar
Jon Dillabaugh
Sep 21, 2015
Pro Focus LLC

So does anyone know the needed steps to protect yourself after deleting the infected Hikvision app?

And on another point, there are probably many other app devs being used by western companies that outsource to foreign devs. Buying from a western brand doesn't guarantee non-Chinese code.

(2)
(2)
JH
John Honovich
Sep 22, 2015
IPVM
In reply to Jon Dillabaugh

Jon,

In terms of what to do after deleting the Hikvision app, probably would be prudent to change your passwords for your device and other apps on the device, since Palo Alto Networks is saying that it's possible that such credentials could have been obtained.

I don't know what else but if I see or hear anything, we'll add. We're also going to do a longer post in the morning.

(1)
JH
John Honovich
Sep 22, 2015
IPVM

Here is the Hikvision official statement:

JH
John Honovich
Sep 22, 2015
IPVM

Update - our post and analysis here.

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions