Hackers Add Backdoor To CCTV Security Pros / Dahua SmartPSS

By Ethan Ace, Published Jun 22, 2021, 09:56am EDT

Hackers have inserted a backdoor into downloads of Dahua's SmartPSS offered on the website of OEM / relabeller "CCTV Security Pros", giving attackers full control of compromised computers.

In this report, we examine:

  • Details of the backdoor
  • The affected OEM and their feedback
  • Details on the hacking group
  • Potential for impact in surveillance
  • Small OEM cybersecurity threats

Backdoor *******

*** ******** *** ************* ** ********, ** ********** ******** provider, ** * **** 17th ******. ******* ********** downloads ** *****'* ******** from ** ***'* *******, wrapping *** ******** ********** with ********* ************* ********** ******* ***** launched ****** ************ ** a ******** (***** "*********").

********* **** *** **********, allows *** ****** ***********, and **** *************, ****** PowerShell ******** ** ** executed, *** ******* **** knowledge. ******** ******** ********* using **** ******** ** install *** ** * victim *******, ****** **** full ******* *** ****-**** viewing ** **** **********.

******** **** **** *** victim ***** ********* **** avoided ******, *** ****** should ****** ** ***** attacks.

Background **** ******** ****

**** ******** **** **************************.*********** *** ** * storefront ** **:

******** ****** ********:

******* *** ***** *** the **** ******** ******** products ** **************** **** 3 ****** ******* *** ~26,000 ****** ******* ** 2021, ** ****:

CCTV ******** **** ******* ******

***** *** ******** ****** does *** **** *** website ***** ****** *** Trojanized ******** ********, *** shared * **********:

*** ** ********** **** this **** ******* *** language ****** ******** ****' ********* page(* ********** ***) *** ******* *** to *** ******* *** comment, *** ********* (*** comments, *****). **** ******** Pros ** ********* ******* of *** ***** ******* was ***********.

DarkSide ********** *********

*** ******* *** *** of *** ******** ********** group's ***** ***** **********, which ******** ****** ** UNC2465. ******** ** **** known *** ***** ********** ** *** ******* US' ******** ********. ** ***, ***** have **** ** ******* of ******* ********* ****** from ******* ** *** SmartPSS ********.

Likely *** ********** / *********** ****** *** *******

**** ******** ******** ** likely *** **********. **** Security **** ** *** well-known, **** ***** ***** Dahua ****, ** ** is ******** **** * large ****** ** ***** downloaded *** ********** **** while ** *** *********.

************, **** ******** **** support **** ** *** a *** *** *** searches *** ********, ********* on *** ****** ** third **** ** ****** results, ****** ** ******** that ***** ***** **** them ** ****** ******* for ********, *.*., ********* "SmartPSS ********" ** ****** "SmartPSS."

CCTV ******** **** ********

******** *** ** **** Security **** *** *******, it ******** ** ** the ***** **** *** heard ** **** ************* (despite ******** ** ******* that **** *** ******* out ** ****) *** that **** *** ******* the ******** ******** *** replaced **** ***.

** * ********* ****** of ******** ******* *** systems *** ********* ******** and ******* ** * primary *******. ** **** as ** *** **** report ** *********** **** action *** ******* *** file. ** ** **:**** 6/17/2021 *** **** *** been ******** **** * completely *** *********.

***** ** **** **** plans ** ****** ** had ******* ******** *********, they *********:

*** **** * *** version ** *** ******** is ********* ** **** report **** ** *** customers. ******* *** ********* updated **** ****** ** our ********.

*******, ***** ** **** had *** **** *** the ****** ******** *** hackers **** **** ** upload *** *********** *******, they *********:

*** ******** ***** *** provided ** ** ******** from *** ************* ** the ********* ** ****. Regardless, ** **** ** investigating *** *** **** was *********** *** **** the ********* *******.

**** ******** **** ******** to ******* ******* ******* after **** ********.

Old *** ******* / ********** ****** ** ****** *****

******** **** *** ***** "software *****" *** ******** directly **** *** ************, at *** **** ********'* report *** ********, **** Security **** *** ******* their ********* ** ******* ******** ***** ** ******** 2018 ******* (**.***.*******.*.*.******). ** contrast, ***** ***** ***** downloads ** ***** *** webspace, *** ******** ****.

Dahua ********

*****'* ******** *** *** mention **** ******* ******** to **** ****, *** reiterated ***** ******* ************* stance:

*. ** ********** *******’* work ** ******** **** bug. ******** ******** ** this **** ***** ** important **** ** *** ecosystem *** *** *************.*. Dahua *** ** ********* process *** *** ** protocols *** *********** *** dealing **** ***************. *** practice ** ***** ****** cybersecurity ** ** **-***** process **** ******* ********** testing *** *********** ** products.3. ***** *** *********** protocols, ********** **** **** practice ** *** ********, for ******** **** ***** newly ********** ******** ****** and ******* *** **** in * ****** ******.*.***** takes *** ******** *********. Consistent **** **** ********, we ****** ** ******* pen *******, **** **** security **********, *** ******* backup *********.

Small *** ************* ******

******** **** ************ ******** cybersecurity ****** **** ******* on ***** *******, **** backdoor *********** *** ********* threat ***** ** ****** numerous ***** ****. **** of ***** ************* *** very ***** *** ***************, without *** **-***** ********* required ** ****** ***** infrastructure ******* **** **** of ******. ******* ** this, **** *** ** a ***** ****** *** attackers, ********** *** **********-**** attacks, ***** *** ****** of * ****** ****** paying *** ****** ** potentially ***** *** **** not ******* * ***** vulnerable ****.

Comments (22)

*** *****’* **** * smoked *** ******* * Trojan?

Agree: 1
Disagree
Informative
Unhelpful: 1
Funny: 4

** ***** ** ***** is **** ************* ** Dahua's ******** ******** **** allowed ** ** *** "Trojanized", ***** **** ****** could ** ******* ** almost *** ***** ******** installer.

Agree: 5
Disagree
Informative
Unhelpful: 1
Funny

* **** ** ***** with **** *. ***** this *******. ** ** not *****'* ************** ** secure ***** ***** ***'* webpages. ******* ***** ** impossible ****. **** **** of ****** ****** *** existed *** * **** long ****. (** * am *** * ***** fan, *** ** *** are ***** ********* **** at ***** *** *** of *** *'*** **** can ** **** *********** for.)

*** ***** **** ******** (2016):

****** ******** *** ** put "********" ** ******** of ***** **** ********* | *****

Agree: 3
Disagree
Informative
Unhelpful
Funny

** *** *** ***** criticize ****

**'* * ******* *********** of **** ******** ********* extensive ********* **** *** OEM *** **** *****. If *** **** *** post, ***** ** ***** being **********?

Agree: 2
Disagree
Informative
Unhelpful
Funny

*** ***** **** ******** (2016): ****** ******** *** he *** "********" ** hundreds ** ***** **** downloads | *****

***, **** **** / title ******* **** ***** follows *** **** ******* as *** *****, ***** the ******** ** *** (in **** **** *****'* SmartPSS) ** * *** element ** *** ******, as ***** ******** ** Linux.

Agree: 3
Disagree
Informative
Unhelpful
Funny

****'* **** ** *** point * ** ****** John. ** ** ****** easy ** **** ******** third ***** ******** *** a *** ** ****** don't ******** *** ****** of **** **** *** downloading.

'*********' *** **** **** a ****** *****, *** from *** ***** ** the ******* **** ******* would/could ****** **** ***** is ** *****. *** reality ** *** ********* is **** **** ******** Pros ******* ***** ** download * *********** ******* of *****'* ********* ********.

*** ****** *****'* ***** are ***** ** *** cyber ******** *****, *** I ***'* *** *** Dahua ***** **** ********** preempted/prevented **** **** ** issue.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny

** ** ****** **** to **** ******** ***** party ********

******* *****/***** ****** **** Dahua ** ** *****

**** ******** **** ******* users ** ******** * compromised ******* ** *****'* SmartPass ********.

** **** ****, **** Security **** ** ** authorized ***** *******. **** what ** ***, *** how ** ******** ****, the ****** ************** ** on **** ******** **** but ***** *** ********* responsibility ** *** **** provide *** ********* ***** partners ** ********** ********.

** *** *****'* *** direct ******, **** *** numerous, *********:

*** **** *** ***********.

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny

******. * ***** ** are ****** *** **** thing ** ********* ****.

Agree
Disagree
Informative
Unhelpful
Funny

***** *** ********* ************** in *** **** ******* and ********* ***** ******** to ********** ********.

**'* *** **********. ***** partners **** *** ***** Dahua *** ***** ** control ********.

Agree
Disagree
Informative
Unhelpful
Funny

****, ***** *******, ****'* insulting ** *****.

**** ******** **** **************************.***** * **** ********** in ** **** * few *********:

***** ** * *****-******* corporation **** **** ** thousands ** *********:

***** ***** **** ** a *** ***** **** 'CCTV ******** ****' ***** in * ****.

** ***** ** ** serious ***** ************* ** they ***, ***** *** enforce ********** ***** **** tiny ******** **** '**** Security ****'.

*****/********?

Agree: 3
Disagree
Informative
Unhelpful
Funny

***** *** ******* ********** terms **** **** ********

** **** *** *** time ** ********* *********** hundreds ** ****** *********, sure. ***** **** **** to **** ******* ***** about *****'* ***** ** having ******** ***** ****.

**'* **** **** ** assess ******* ********. * mean, ** **** *** SolarWinds **** * ******* that ******** * *** of ***** *******. ** a ******* ** *** as ********** *** ** this, *** *** *** know ** **** *** partner ***'* ***** ** do *** **** *****?

** *** *** * situation **** *** **** to ** **** ****** serious ************* ** **** partners. *** ** ***** going ** ** ****? With ** **** ********, do **** **** ** set ** * *** department ********* ** ***** security ***********? ***** **** could ******** ** *** to ******** ****** ********? Note **** * **** serious **************., *** "** hey, ** ******* **** that **** ** ******* has **** ** ****..."

*** *** **** ******* is, *** ***** ********* handle *** ** **** in *** ***** *****? "You *** ********* *** do *** *** **** I ****** *** ** a *** **** ****** and ****** ******* ** Same **** - **** do ***** ***** ****?" Even ** *** **** programmers *** *** ********** website *****, ** *** have ******* ** ***** who *** ***** ****** through ****** ****** *********, avoiding ********, ******* ********* and ******** *******, ***? Can *** ******* **** own ****** *****? ***** was * ********** ** the ***** **** *** other *** **** *** on *** **** **** small ********* ********* ***'* have *** ***** ** deal **** ********.

** **** *****'* ***********, what *** *** ***** to **? *** * bunch ** ***** ** do *********** **** **** eliminate **** ** **** partners? **'* **** ** see ** ***** ********** to ****. **'* ****** to **** **** *** bad *****.

*******, **** ********* ****** to **** **** **** Dahua. **** ******** **** is ********* ******** ******* they *** ** ***. But ** *** ***-***, non-Dahua ******* *** ********* that ** **** * few ******* *** ********* available *** ********* ** download. ***** ****? **** puts ** ** *** same ****. *** ** takes ** * *** password ** * ******** engineered **** ******* *** for ******** ** **** into *** ******* *** mess ** *** *********. (For ***** **********, ** we *****'* **** **** yet.) ***** ** *** vendors ***** **** **** we **** ******** * way ** ******** ***** manual? *'* *** **** they *** **** ** have * *******. **** if *** ******** ****** linked ** *** ****** website ******* ** * download ** *** ******, anyone *** ***** ** could ****** **** ** point ** * ********* download.

** *******, ******** ** hard, **** ***** ********** are *** ** **, and * ****** ** eat *********.

Agree
Disagree
Informative
Unhelpful
Funny

** *** *** * situation **** *** **** to ** **** ****** serious ************* ** **** partners. *** ** ***** going ** ** ****?

**** *** ****** **** steps, *.*., ***** ***** say '*** ******** **** use ******** ***** **** Dahua ******** ******* / links.' * ***'* ***** it's * ****** ******* nothing *** **********.

Agree: 1
Disagree
Informative
Unhelpful
Funny

****, *** ***** **** to ****** ***** ******* website *** **** **** there's ** ******** ****, and ******* **** **** links ** *****'* ******** page (*** *** ****** I ********* *****). *** even ****, ** *** know **** **** ******** are ******** *** *********? What ** *** ***** that **** **** **** purchase *** * **** to * ****** ***** file?

Agree
Disagree
Informative
Unhelpful
Funny: 1

*** *** *** **** argument ** ******* ********* anything, *.*. ***'* *** your ******* *** * policy **** ****:

** ****** "**** ****" jokes ******* *********.

*** ***** *******:

****, *** ***** **** to ****** **** ***** employee **** *** **** your **** *****. *** even ****, ** *** know ** ********* ***'* do ** **** **** are ** *** *** site? **** ** **** do ** **** ** managers *** *******? **** if **** **** **** mama ***** **** ************ messages?

** ***** ** ****. A ******* *** *** the **** '*** ******** must *** ******** ***** from *** ******** ******* / *****' *** *** penalties ** **. ******** may ******* *** **** but **'* ***** **** it ** * **** with ********* *** ***** caught.

Agree: 1
Disagree
Informative
Unhelpful
Funny

**, * *** **** you're ******. *****, **** I'm ** ****** **** I **** ** **** in ** ******** **********.

Agree
Disagree
Informative
Unhelpful
Funny: 1

*** **** ******** ***** being ********? 😉

* ***** **** ***. Business **** - **** don't **** ** ** it. **** *** ** government *** ***** ******** if **** **?

Agree
Disagree
Informative
Unhelpful
Funny

***** ******** **** *** allow ***** *** ***** of ******* ********.

*** **** ************* ****** be **** ** ***** tremendous ********* **** ***** subordinate **** ******* *********** requirements. ****************************** *********************************. **** ************* *** trying ** ******* ***** brand.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny: 1

***** ** ***/***** ***** thus ********* *** ****** of ***** **** *** involved ** ************ *** software, *********** **, ******* it, ***. *** **** makes ** ****** *** modifications ** ****** *** go *********. * ****** that ***** ***** ******** on ***** ******* *** doesn't **** **** ** other *** ********, ****** then ** ******** **** secure...??

** *** ****** *** posted *** **** ** the *****, **** ***** have ****** (** ******), allowing ***** ** ****** that *** ******** *** been *******.

** ***** ** **** most ************* ***'* **** the **** ******, *** most ****** ***'* ****** checking.

Agree: 2
Disagree
Informative: 3
Unhelpful
Funny

*****, **** ******** ********** Dahua ********* **** ******** static ****** ** ** with.

Agree
Disagree: 6
Informative
Unhelpful: 8
Funny

******* **** ****** ****** results:

******* *** ***** *** the **** ******** ******** products ** **************** **** 3 ****** ******* *** ~26,000 ****** ******* ** 2021, ** ****:

Agree
Disagree
Informative: 2
Unhelpful
Funny

* ***** **** *** markets ***** ****** **** not ****** (*** ******** to *** ***) *** level ** ******** *** are ******* *****. ** simply **** *** *** the *******'* ***** ***** regardless ** ***** ****.

Agree
Disagree: 1
Informative
Unhelpful
Funny

** ***** ***** ** declare **** *** ****** market ** ** ***** and *** *** **** security ** *** ***** it **** **** *** do **. *** *** be ***** ***** *****’* actual ******* **** *** Dahua’s ****** ******** ******** taking ******** *********.

Agree: 1
Disagree
Informative
Unhelpful
Funny: 1