Mirai-like Botnet Persirai Attacks IP Cameras - Impact Analyzed

Author: Brian Karas, Published on Jun 14, 2017

Mirai made headlines in 2016, exploiting weaknesses in cameras, including those from Dahua and XiongMai to create a massive botnet that was used to bring down several well-known websites, and internet access in Liberia.

Now, a new botnet very similar to Mirai, known as Persirai, is targeting similar exploits in consumer-oriented cameras. In this report we analyze the impact of Persirai and the products it is affecting.

***** **** ********* ** ****, ********** ********** ** *******,********* ***** **** ****************** ****** * ******* ****** **** *** **** ** ********* ******* ****-***** ********, *********** ****** ** *******.

***, * *** ****** **** ******* ** *****, ***** ** Persirai, ** ********* ******* ******** ** ********-******** *******. ** **** report ** ******* *** ****** ** ******** *** *** ******** it ** *********.

[***************]

Perserai ********

******** ** ***** ** *********** ** ******** ****** ****. **** *****, ** ******** ****** ** ***** ******** *** internet *** ***** ******* **** ***** ***************. **** ** *********** device ** *****, ******** *** **** ** ** **** ******** it ** ******** *** ******* * ******* **** **** ****** a ****** ******** ** ******* ** ** **** ** * botnet.

Exploit *****

******** ********** ****** ***, *** ******** ********, ***** ******** ******* *******, ********* *** ******* ** ******** a **** ** *********/******** (******* ** ******** ********), *** * ******** ** * *** ****** ************** (******* to ********** ***** ******** *************). *** ******* *** ********* ******** ********** *** ** ******* uPNP ********, ***** ***** ** ***** ******* ***** *** *** aware **.

1,000+ ******/****** ********

***** ***** ******* **** *,*** ********** ******/****** ********. **** ** *** ********** ** *********** ******** ***** ******** is **** ***** ******* **** ******** ** ** **** ***** OEM ******, ***** ******** ** ********/*** *******.

** ***, * **** ************ ** *** ***** *** *** been **********, *** ** ** **** ****** *** ******* ******* multiple *************, ** ******* ******** **** ******* ***'* **** **** IPVM ********** **** **** ** ***** ****** *** ****** ****** multiple ********* ****** ** ********** **** ******* *********, ** ******* contract **** *** ******** *************, ** ****** ***** ****.

** * ****** ****** ** ********** *****, ******* ****** **** encountered, ******* ************ ********* ********** ** *** *******. ***** ****** *** ***** in *** **** ********* *****. **** ******** ***** ********* ** branding ** *** **, ****** ********* ** *** **** ** "IP ******" ** "*** ******* ******":

No ***** ****** ********

**** *** **************, *** ******* **** ***** *******, **** ** the ******** ***** **** **** ***** ****** ** **** ******* such ** *****, *********, *-***, *****, ***. *******, ** * general ****, ***** ***** ***** ** ********* ** ***** ******** them ** ****** ******** ***********.

170,000 ********** ***** ********

******* *** ** ********** ** ********** ************** ***,*** ************ ******* ********* ******:

Similarities ** *****

**** **** *****, ******** ***** ****** ********** **** * **** is *********** *** *********** ************* ** * ******. ** **** cases *** ****** **** ******** ** ******** ********, ****** ************** may ** ******** ** *** ****** ** ***** ********* ** participate ** * **** ******. ***** **** **** ***** ** these ******* ***** **** ******* *********, ** ** ******** **** firmware *** **** **** **** ** ******* (******** *** ************* even ******* ******* ********).

******** ******** **** *** ******* * ****** ** *** ******, another ***** ** ****** **** *****. ***** *** '*****' ***** cameras ****** ** ********* ****, ****** **** **** ****** ****** infected ***** ******* ** **** *** *** *** ** * VPN ** ********* ******* **** ****** ******.

Impact **** ****** ** *******/********

********'* ****** ** **** ****** ** ** **** ** ******* websites ** ******* **** *** *** ********** ** * **** attack ******* *** ** ******** *******.

Minimal ****** ******** ******

**** * ******** ******** **********, ***** ** ***** ****** **** been ********, *** ******* ****** ***** **** **** ******** ******** on *****'* *********, ******* * **** ** ***** ** ** camera ********* ** *******.

Comments (0)

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on Consumer

No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
Samsung SmartCam A1 Totally Wireless System on Jun 06, 2017
Hanwha is keeping the Samsung brand alive in consumer cameras with the SmartCam A1, a new offering combining an autotracking 1080p camera with base...
Jeff Bezos-Funded Deep Sentinel Security Startup on Jun 05, 2017
Deep Learning is a rising trend in many commercial security products, and now one entrepreneur wants to bring deep learning to residential...
Arlo Go Cellular Cloud Camera Tested on May 23, 2017
Totally wireless surveillance cameras are growing but almost all typically depend on a hub and local Internet access. However, many outdoor...
Ring Floodlight Cam Tested on Apr 20, 2017
Ring has released their latest entry, the Floodlight Cam, calling it the "Evolution of Outdoor Security", touting motion activated floodlights,...
SimpliSafe Camera Tested on Mar 07, 2017
SimpliSafe is one of the most controversial companies in the industry, as they have become the symbol of the DIY threat to traditional alarm...
Hikvision Ezviz Mini 360 Plus - $80 Autotracking Camera Tested on Feb 21, 2017
Autotracking, integrated IR, local storage, full HD, cloud access: $80. That is the claim of Hikvision EZVIZ's new Mini 360 Plus. But for this...
Hikvision Discontinued 'Migration' Tested on Dec 16, 2016
In 2 weeks, Hikvision's online service web portal will be discontinued. Hikvision has now framed it as a 'migration', though the transition will be...
2017 Video Surveillance Predictions on Dec 15, 2016
2017 should be an active, if not rocky, year for the security industry, according to predictions from IPVM integrators. We surveyed integrators,...

Most Recent Industry Reports

Avigilon VP Communications Exits on Jun 27, 2017
In 2016, Avigilon hired an executive, Darren Seed to: build and maintain strategic relationships with the investment community and to...
Hikvision H.265+ Tested on Jun 27, 2017
Hikvision, which in the past few years released H.264+ (see test results) has now released H.265+, that claims even greater bandwidth savings. We...
Milestone / Canon Launch Cloud Startup Arcus Global on Jun 27, 2017
Milestone has spun off a business, Arcus Global, funded by their parent company Canon. The new company aims to transform the VSaaS market with an...
Biometrics Pros and Cons For Electronic Access Control on Jun 26, 2017
Biometrics has been long sought as an alternative to the security risks of cards, pins and passwords. While biometrics has improved somewhat over...
Manufacturer Sales People Are Very Important - Statistics on Jun 26, 2017
IPVM's new integrator statistics show what sales people say regularly: Sales people are very important. From 150 integrator...
No Personal Opinions About Work on Jun 26, 2017
One rising trend is the tendency for people to disclaim their statements on work related topics as their own 'opinions' or 'personal...
Importance of Sales To Integrators - Statistics on Jun 23, 2017
One of the top trends in the industry over the past few years has been the rise of across-the-board sales (e.g.: Hikvision Sales, Dahua Sale,...
Deep Learning Surveillance Startups Deep Problem on Jun 23, 2017
The undeniably good news for the video surveillance market is that we are seeing the rise of more startups than in many years. The cause of this...
Avigilon Announces RADAR-Based Presence Detector on Jun 22, 2017
RADAR is gaining momentum within physical security. Two months after Axis announced a network radar detector, Avigilon has announced a RADAR-Based...
Covert Cloud Camera Service Launching (KJB) on Jun 22, 2017
Cloud IP cameras, for consumers, has become increasingly commonplace. However, covert cameras, lag there, with few options. Now, North America's...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact