Hacks Striking Old Dahua Units

Mick Brown

09/20/17 12:00pm

we are seeing a number of old dahua units we sold in uk being hacked yesterday and today

dahua helpful support is their old

these are in majour fast food resellers

with 20 going down in one retailer in an hour and 5 in another

the dahua virus epidemic has hit dahua hard here

anybody experiencing this let me know if you have a fix

Login to read this IPVM discussion.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

John Honovich

IPVM | 09/20/17 12:03pm

* ***** ***** ****** ** ********* *** **** ***** *****:****** ***** *********. ***** ******. *******:

**** ***** ********* [***, ****, ***, ***] **** ******* ***** & **** *****, **** **** *********** **** ****** ******* ****** last ****.
*** **** ***** ******** ***:
- ** ******* ******* ** *******.
- ***** ******** **** ** ***** ****.
- ****** *****.

Mick Brown

09/20/17 12:06pm

***** *** ****** *** **** **** ***** ***** **** **** support

**** ***** ****** ****** ***** ** *** ** ** **** are ******

**** ** **** ** ****

Mick Brown

09/20/17 12:26pm

**** ****** ** ** **** ******* ***** ***** *** **** put *** ** ********** ** ****

** ***** **** *********** ****** ***** **** **** ** **** with ** ** **** ***** ** ** ** ******** ***** of **** *** ******

Undisclosed #1

In reply to Mick Brown | 09/20/17 08:51pm

**** ****** ** ** **** ******* ***** ***** *** **** put *** ** ********** ** ****

**** ** *** ****?

Mick Brown

In reply to Undisclosed #1 | 09/20/17 09:50pm

***** **** ***** ** * ********** ** ******* **'* **** quickly ********* ** *** *** *** ********* ************ ************ ** just **** ******* ** *********

Undisclosed #1

In reply to Mick Brown | 09/20/17 10:04pm

***** **** ***** ** * ********** ** ******* **'* **** quickly ********* ** *** *** *** ********* ************ ************ ** just **** ******* ** *********

*********************** ***** ****** ***** ******* ******* ** **** *******.

Shane Lott

IPVMU Certified | 09/20/17 08:12pm

** ****,

* ** ** ********** ***** ********** *** *** **** ***** present ****** **** *** **** ***** **** **** * *********, a **** ***** ***.

******** * ******** **** ** ********, * ***** *******, *** outstanding!.

* *** * ******** ****** ******* ** ** ****** *** hour *** ** ********* ****, ***** *** ******** ****** ** hour.

*** ** ****** ********, ******* ****, ***** *** ********* *** recreate ****** ****** *********** ******* ** ** *** *****.

*******,

*****

John Honovich

IPVM | In reply to Shane Lott | 09/20/17 09:26pm

*****, *** **** *** *** **** *****? ****** **?

Michael Miller

In reply to John Honovich | 09/20/17 09:45pm

*** **** ** **** ** *** **** ***** *** * am ****** ***** ** **** ******** ****** **** ****** ******** hacked ***** ****/**** *****.

Shane Lott

IPVMU Certified | In reply to John Honovich | 09/21/17 05:48am

** ****,

*** ***** *** ** ** ***** ******* ***** ** ******* and ** ****** ******* ** * **** ***.

* *********** ********* ** ******** *** ***** ** ***** **** any "***** ******" **** *** "******" ********, *** **** **** a ***** ** ***** ** **** ** **** **** ****** on * ******** ******* ******** ** ******* ******* *** **** reset ** ** ***.

* ******** *** ******** *** *****, ********** ** ***, **** to **** *** *** *** ***** ******** ** ****** * 3 **** **** *** **********.

****** *********** *** ********** **** ************ ** ******** *** ** support.

* **** *** *********** ******* **** ** ******** *** ***** as * ***** *** ****** ******* **** ******.

*******,

***** ****

Mick Brown

In reply to Shane Lott | 09/21/17 05:53am

*** **** ** *** ** *** ****** ********** ** *****

** *** ** *** ********* ***** ************ ** ** **** to ****

**** **** ******* ****** * *** ***

** * ***** ***** *** **** ******* ******** **** ** site ***** *****

*** ***** *** ****** ** *** ** ** **** *** free

Mick Brown

In reply to Shane Lott | 09/21/17 07:00am

*** *** *** **** *** **** ********** ***** ** ***** its *** ******** ***** *** ***

** *** *** ** ********* ** ***** **'* * *** down ******** *******

*** *** **** ******* *****'* **** ** *** ****

** **** * *** ******* **** ***** *** ** ***** dvr **** *** **

*** **** ******* ** ** * **** ******** *** * years *** *****

** **** **** ***** **** ***** ** ** ***** ***** partners ******'* **** ********* **** ****** **** *** *** * grade ******** ***** ** ** *** *** * *****

Undisclosed #1

In reply to Mick Brown | 09/21/17 07:16am

*** *** *** **** *** **** ********** ***** ** ***** its *** ******** ***** *** ***

***** **'* ***** ***** *** (**********) ******?

John Honovich

IPVM | 09/21/17 08:14am

*** (*** ****)****** **** *******:

** *** ****** ** ****** ***** * ***** **** ** piracy, ** *** ***** ***** *********.
**** **** ** *** ****** * ********** ** ***** ******* since *********, ** *********.

**** ****** ****** *** ***** *** ***** *** ******* ********* but ** ** *** ***** ** **** *********** ** **** aware ** ******** ************* ****** ****** **** *** ****** **** **** * ****** password.

Undisclosed Distributor #2

In reply to John Honovich | 09/21/17 02:28pm

***** * ********** *** **** ******** ***** ********* ****, * am ****** **** **** ** ********* ******* **** *** ***** set ** *** ******* ***** *** ***** ***********. ****** ****** in ** *** ** *****, ** ******* ******** **** ****** because *** **** ********** ******** **** ********* ** ** *** default *****, *** ****** ** *** ** ***** - *** ARE. **** ** *** * "****" **** ** ********** ************** installers/end ***** *** **** *** ******* ***** ***** ***********.

** **** ** *** *** **** *** ***** ******* *** being ******** ******* ***-******** ***** **** * ******* ** ********** of *****, *** *** *** ********** ** **** ** ** to ** "******". **'* **** ******** "****" ** * ******* theater, ** *********** ******** *****, *** ***** "*****" *** ******* happens.

John Honovich

IPVM | In reply to Undisclosed Distributor #2 | 09/21/17 02:31pm

* ** ****** **** **** ** ********* ******* **** *** still *** ** *** ******* ***** *** ***** ***********.

***** *** ****** ******** ** ********* ******* ******* ********** ** *** ********.

** ***** **** ** ***** ** * ****** ** ******* passwords? ****. *** *** ***** ******** ** * **** ******** issue *** ** *** ****** **** **** ** ***** ********* I ***** ***** ***** ****** ** ******** ********.

Undisclosed Distributor #2

In reply to John Honovich | 09/21/17 02:42pm

******* *** * ******** *** ********** ** ** *** *** the **** ** ********* ***** ***********.

Undisclosed End User #3

09/22/17 10:05am

***** *** ******* - ******** ** *******, ******, ******** **** and ** ******* ***** ******

John Honovich

IPVM | In reply to Undisclosed End User #3 | 09/22/17 10:10am

**** **** #*! ******.

***** **** ****:

***** ** * ***** ** ****** ******* **** ***** ***'* all **** *** *****, ** *** ************ ***** **** ** Gujarat, **** *** **** ** ** ** ********** **** *** from *** *******, ** * ******** ******* *******, *** *** new ***** *** ********* , ****** *** ***** ****, ****** ports *** ******* **** ******** ****** ********** ** **** ** the ********.

****: ******** ** ** *****.

Undisclosed End User #3

In reply to John Honovich | 09/22/17 11:01am

**** *** **** ******* ** ** ****** ********..

*********:*** ** ****** **** ***** ********* ******* ****** *******

****://****.**/*********.***?*=***&*=*****

*********:****** ***--*****

John Honovich

IPVM | In reply to Undisclosed End User #3 | 09/23/17 03:33pm

****** ** ************ **** * ****** ** ***** ********* ***** recorders **** **** ****** *** ********** **** ******* ***** ****** labels ***** ******* ** '****** *', '****** *', ***. **** so:

Undisclosed End User #3

In reply to John Honovich | 09/23/17 07:51pm

*****://****.*****.***/*****-******-********-**-*****************-*-*******/

** *** **** *** ****, **** ** * **** ****** attack ** *** ******* ******* *** ******* ****** *,*** ***** recording ****, **** **** *** *******, **** *** ***** ******* September ** *** **, ********* ***** ********* *********.

Mick Brown

In reply to Undisclosed End User #3 | 09/23/17 08:38pm

***** ** * ********** ** ******** ******* *** *** ***** brand

*** ** * *** **** ******* ** ** *** ***** dvr *** ***'* ** ***** **** ****** ***** ******** ***** themselves **** ** **** *** *** ******* ********

****** **** * ****** ****** ** **** *** **** ** fix

**** * *** *** *** *****

**** *** *** ***

***** **** ***** *** ** ** *** ******

*** ** ***** ** ****

** * ******* ******* **** ***** *** *** *** ** expensiVe

**** **** ****** ******

Justin Gant

7PiXL | 09/23/17 04:15pm

* ******* ** *** ** *** *** ********* ***** ** look ** *** ***, ***** **** *** ***** **** ******* 888888 *** ******** *** *** ********. *’** *** *** **** and **** ****** **** **** * *** ****.

Undisclosed End User #3

In reply to Justin Gant | 09/23/17 04:31pm

****:*****://******.***/****/***/****/******/*****-********-***.**

# *) *** ***** ******* '******' ** ******* ** ***** to ** ******* *** ***** ***** **** '******* *** *****' only, *** *** **** ******
# - *******, **** ********** ** **** ******* ** ***** browser ** '*******.**', *** *** ********* ** ********* ******

Brian Karas

IPVM | In reply to Undisclosed End User #3 | 09/23/17 04:42pm

** **** *** ***** ******* ***** ********** ** *********** ** the **** ********** ** *** *** ******* ******* ** ***** or ***??

Undisclosed End User #3

In reply to Brian Karas | 09/23/17 05:01pm

*******.

[....]

******** ********(*,*,*,*)
{
**(*=="******")******-*;

[....]

Undisclosed #1

In reply to Undisclosed End User #3 | 09/23/17 09:35pm

******** ********(*,*,*,*)

********* *****-*** ****, ** ******* * ****** ***** ********, *'* hoping.

*** * ******'* ** ********* ** **** *** *** **** was ******** *** ***** :(

Undisclosed End User #3

In reply to Undisclosed #1 | 09/23/17 10:11pm

*** ********* ****, ****'* *** **** ***** ** **** ** "prevent" **** '******' *** ******* ** ** ***** ******** ********.

*** ****** ** ******** ** ******* ****;

/**/*****.**: ******** *****()

/**/*******.**: ******** ********()

Undisclosed #1

In reply to Undisclosed End User #3 | 09/23/17 10:21pm

*** ********* ****, ****'* *** **** ***** ** **** ** "prevent" **** '******' *** ******* ** ** ***** ******** ********.

* **** ******* ** *** ****** ****. ***** **** * didn't ******* **** *** * ****** *****. **** ** **** be ** :)

Mick Brown

In reply to Undisclosed #1 | 09/24/17 06:57am

*** * ****** *** * *** **** ***** **** ***** dvr ** **

Mick Brown

In reply to Undisclosed End User #3 | 09/24/17 07:09am

****://****************.***/~/*****/******/******/****/***-***/***********.***

Michael Miller

09/25/17 01:18am

* *** **** ******* ***** **** ** **** ******** ******. This *** ** *** **** * *****. **** *** ********** Honeywell, *** ** *** ********** ******* ******* **** *** ****.

Mick Brown

In reply to Michael Miller | 09/25/17 06:05am

***** ***** *** *** **** ********* ********

*** ******* ** *** ******** ** ***

**** *****

*** ****** ***** ****** ******** ** ***** ** *** *** Wednesday

**** *** ******* ** *** ****

***** ******** *** ***** *** ********

** **** ** **** ******* *** ** ** ** ******** firmware *******

**** **** ***** ***

*** * ****** **** **** ***** *** ***

*** ***'* **** ***** **** ** ****

*** * *** ***

Justin Gant

7PiXL | 09/25/17 03:35pm

**** *** *** **** **** *** *********** ***,

*****://********.***/********

Discussion	Posts	Latest
Nuuo Zero Day Vulnerability (2) Started by Undisclosed Manufacturer #1	2	3 minutes by Undisclosed Integrator #2
New ONVIF Conformant Products Failed To Comply With Mandatory Test Cases? (7) Started by sundar Subramanian	7	less than a minute by John Honovich
Where Are The Pre/Post Motion Settings On Milestone? (4) Started by Undisclosed Manufacturer #1	4	about 1 hour by Joshua Hendricks
User Friendly Visitor Management Recommendations? (11) Started by Undisclosed Integrator #1	11	less than a minute by Undisclosed Integrator #5
New Does Anyone Here Cut In Their Own Door Strikes On Aluminum Frames? (6) Started by David Broad	6	less than a minute by David Broad

Discussion

Posts

Latest

Nuuo Zero Day Vulnerability (2)

Started by Undisclosed Manufacturer #1

3 minutes by Undisclosed Integrator #2

New

ONVIF Conformant Products Failed To Comply With Mandatory Test Cases? (7)

Started by sundar Subramanian

less than a minute by John Honovich

Where Are The Pre/Post Motion Settings On Milestone? (4)

Started by Undisclosed Manufacturer #1