Mirai-like Botnet Persirai Attacks IP Cameras - Impact Analyzed

Author: Brian Karas, Published on Jun 14, 2017

Mirai made headlines in 2016, exploiting weaknesses in cameras, including those from Dahua and XiongMai to create a massive botnet that was used to bring down several well-known websites, and internet access in Liberia.

Now, a new botnet very similar to Mirai, known as Persirai, is targeting similar exploits in consumer-oriented cameras. In this report we analyze the impact of Persirai and the products it is affecting.

***** **** ********* ** ****, ********** ********** ** *******,********* ***** **** ****************** ****** * ******* ****** **** *** **** ** ********* ******* ****-***** ********, *********** ****** ** *******.

***, * *** ****** **** ******* ** *****, ***** ** Persirai, ** ********* ******* ******** ** ********-******** *******. ** **** report ** ******* *** ****** ** ******** *** *** ******** it ** *********.

[***************]

Perserai ********

******** ** ***** ** *********** ** ******** ****** ****. **** *****, ** ******** ****** ** ***** ******** *** internet *** ***** ******* **** ***** ***************. **** ** *********** device ** *****, ******** *** **** ** ** **** ******** it ** ******** *** ******* * ******* **** **** ****** a ****** ******** ** ******* ** ** **** ** * botnet.

Exploit *****

******** ********** ****** ***, *** ******** ********, ***** ******** ******* *******, ********* *** ******* ** ******** a **** ** *********/******** (******* ** ******** ********), *** * ******** ** * *** ****** ************** (******* to ********** ***** ******** *************). *** ******* *** ********* ******** ********** *** ** ******* uPNP ********, ***** ***** ** ***** ******* ***** *** *** aware **.

1,000+ ******/****** ********

***** ***** ******* **** *,*** ********** ******/****** ********. **** ** *** ********** ** *********** ******** ***** ******** is **** ***** ******* **** ******** ** ** **** ***** OEM ******, ***** ******** ** ********/*** *******.

** ***, * **** ************ ** *** ***** *** *** been **********, *** ** ** **** ****** *** ******* ******* multiple *************, ** ******* ******** **** ******* ***'* **** **** IPVM ********** **** **** ** ***** ****** *** ****** ****** multiple ********* ****** ** ********** **** ******* *********, ** ******* contract **** *** ******** *************, ** ****** ***** ****.

** * ****** ****** ** ********** *****, ******* ****** **** encountered, ******* ************ ********* ********** ** *** *******. ***** ****** *** ***** in *** **** ********* *****. **** ******** ***** ********* ** branding ** *** **, ****** ********* ** *** **** ** "IP ******" ** "*** ******* ******":

No ***** ****** ********

**** *** **************, *** ******* **** ***** *******, **** ** the ******** ***** **** **** ***** ****** ** **** ******* such ** *****, *********, *-***, *****, ***. *******, ** * general ****, ***** ***** ***** ** ********* ** ***** ******** them ** ****** ******** ***********.

170,000 ********** ***** ********

******* *** ** ********** ** ********** ************** ***,*** ************ ******* ********* ******:

Similarities ** *****

**** **** *****, ******** ***** ****** ********** **** * **** is *********** *** *********** ************* ** * ******. ** **** cases *** ****** **** ******** ** ******** ********, ****** ************** may ** ******** ** *** ****** ** ***** ********* ** participate ** * **** ******. ***** **** **** ***** ** these ******* ***** **** ******* *********, ** ** ******** **** firmware *** **** **** **** ** ******* (******** *** ************* even ******* ******* ********).

******** ******** **** *** ******* * ****** ** *** ******, another ***** ** ****** **** *****. ***** *** '*****' ***** cameras ****** ** ********* ****, ****** **** **** ****** ****** infected ***** ******* ** **** *** *** *** ** * VPN ** ********* ******* **** ****** ******.

Impact **** ****** ** *******/********

********'* ****** ** **** ****** ** ** **** ** ******* websites ** ******* **** *** *** ********** ** * **** attack ******* *** ** ******** *******.

Minimal ****** ******** ******

**** * ******** ******** **********, ***** ** ***** ****** **** been ********, *** ******* ****** ***** **** **** ******** ******** on *****'* *********, ******* * **** ** ***** ** ** camera ********* ** *******.

Comments (0)

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on Consumer

Bad: Dahua Villa Video Doorbell Tested on Jan 11, 2019
Doorbells are one of the hottest segments in the residential market but Dahua's Villa Video Doorbell is the worst we have tested.   We bought and...
Worst Products Tested In Past Year on Jan 09, 2019
IPVM has done over 100 tests in the past year. But which products performed the worst? Which ones should users be most aware of? In this report,...
The Battle For The VSaaS Market Begins 2019 - Alarm.com, Arcules, Eagle Eye, OpenEye, Qumulex, Verkada, More on Jan 02, 2019
2019 will be the year that VSaaS finally becomes a real factor for professional video surveillance. While Video Surveillance as a Service (VSaaS)...
Dahua Lorex White Light Camera Tested on Dec 20, 2018
IP cameras with integrated white light LEDs are a growing trend, led by most notably Hikvision ColorVu. While the Hikvision models are not...
Imperial Capital Security Investor Conference 2018 Review - ADT, Resideo, Alarm.com, Arlo, Eagle Eye, ACRE, More on Dec 14, 2018
Imperial Capital Security Investor Conference is an event matching industry executives with financiers that frequently leads to future funding...
ADT Wins Fire Death Suit But Faces Appeal on Dec 05, 2018
ADT/Protection 1 has won a wrongful death court case in which it was sued by the estate of a deceased customer. However, the attorney for the...
Wyze Explosive Growth Disrupting Consumer IP Camera Market on Oct 30, 2018
Wyze, a company founded only in 2017, is poised to disrupt the consumer IP camera market by combining American marketing and Chinese manufacturing...
ADI's Financials Revealed + W-Box Growth Priority on Oct 15, 2018
  ADI is one of the most powerful distributors in the security industry but how big are they? How much profit do they make? How much do they sell...
Amazon Ring Spotlight Cam Tested on Sep 17, 2018
Amazon's Ring has released their latest camera entry, the Spotlight Cam, which we bought and tested in our Consumer IP Camera Analytics...
VMS Export Shootout - Avigilon, Dahua, Exacq, Genetec, Hikvision, Milestone on Sep 13, 2018
When crimes, accidents or problems occur, exporting video from one's video surveillance system is critical to proving incidents. But who does it...

Most Recent Industry Reports

The IP Camera Lock-In Trend: Meraki and Verkada on Jan 18, 2019
Open systems and interoperability have not only been big buzzwords over the past decade, but they have also become core features of video...
NYPD Refutes False SCMP Hikvision Story on Jan 18, 2019
The NYPD has refuted the SCMP Hikvision story, the Voice of America has reported. On January 11, 2018, the SCMP reported that the NYPD was using...
Mobile Surveillance Trailers Guide on Jan 17, 2019
Putting cameras in a place for temporary surveillance where power and communications are not readily available can be complicated and expensive....
Exacq Favorability Results 2019 on Jan 17, 2019
Exacq favorability amongst integrators has declined sharply, in new IPVM statistics, compared to 2017 IPVM statistics for Exacq. Now, over 5 since...
Testing Bandwidth Vs. Low Light on Jan 16, 2019
Nighttime bandwidth spikes are a major concern in video surveillance. Many calculate bandwidth as a single 24/7 number, but bit rates vary...
Access Control Records Maintenance Guide on Jan 16, 2019
Weeding out old entries, turning off unused credentials, and updating who carries which credentials is as important as to maintaining security as...
UK Fines Security Firms For Illegal Direct Marketing on Jan 16, 2019
Two UK security firms have paid over $200,000 in fines for illegally making hundreds of thousands of calls to people registered on a government...
Access Control Cabling Tutorial on Jan 15, 2019
Access Control is only as reliable as its cables. While this aspect lacks the sexiness of other components, it remains a vital part of every...
Avigilon Favorability Results 2019 on Jan 15, 2019
Since IPVM's 2017 Avigilon favorability results, the company was acquired by Motorola and has shifted from being an aggressive startup to a more...
Gorilla Technology AI Provider, Raises $15 Million, Profiled on Jan 15, 2019
Gorilla Technology is a Taiwanese video analytics manufacturer that recently announced a $15 million investment from SBI Group, saying this...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact