Hackers Add Backdoor To CCTV Security Pros / Dahua SmartPSS

By Ethan Ace, Published Jun 22, 2021, 09:56am EDT (Info+)

Hackers have inserted a backdoor into downloads of Dahua's SmartPSS from OEM / relabeller's "CCTV Security Pros" website, allowing attackers full control of compromised computers.

IPVM Image

In this report, we examine:

  • Details of the backdoor
  • The affected OEM and their feedback
  • Details on the hacking group
  • Potential for impact in surveillance
  • Small OEM cybersecurity threats

Backdoor *******

*** ******** *** ************* ** ********, ** ********** ******** ********, ** a **** **** ******. ******* ********** downloads ** *****'* ******** **** ** OEM's *******, ******** *** ******** ********** with ********* ************* ********** ******* ***** ******** ****** installation ** * ******** (***** "*********").

********* **** *** **********, ****** *** remote ***********, *** **** *************, ****** PowerShell ******** ** ** ********, *** without **** *********. ******** ******** ********* using **** ******** ** ******* *** on * ****** *******, ****** **** full ******* *** ****-**** ******* ** user **********.

******** **** **** *** ****** ***** contacted **** ******* ******, *** ****** should ****** ** ***** *******.

Background **** ******** ****

**** ******** **** **************************.*********** *** ** * ********** ** NJ:

IPVM Image

******** ****** ********:

IPVM Image

******* *** ***** *** *** **** commonly ******** ******** ** **************** **** 3 ****** ******* *** ~**,*** ****** shipped ** ****, ** ****:

IPVM Image

CCTV ******** **** ******* ******

***** *** ******** ****** **** *** name *** ******* ***** ****** *** Trojanized ******** ********, *** ****** * screenshot:

IPVM Image

*** ** ********** **** **** **** matches *** ******** ****** ******** ****' ********* ****(* ********** ***) *** ******* *** ** *** company *** *******, *** ********* (*** comments, *****). **** ******** **** ** currently ******* ** *** ***** ******* was ***********.

DarkSide ********** *********

*** ******* *** *** ** *** DarkSide ********** *****'* ***** ***** **********, which ******** ****** ** *******. ******** is **** ***** *** ***** ********** ** *** ******* **' ******** Pipeline. ** ***, ***** **** **** no ******* ** ******* ********* ****** from ******* ** *** ******** ********.

Likely *** ********** / *********** ****** *** *******

**** ******** ******** ** ****** *** widespread. **** ******** **** ** *** well-known, **** ***** ***** ***** ****, so ** ** ******** **** * large ****** ** ***** ********** *** Trojanized **** ***** ** *** *********.

************, **** ******** **** ******* **** is *** * *** *** *** searches *** ********, ********* ** *** second ** ***** **** ** ****** results, ****** ** ******** **** ***** would **** **** ** ****** ******* for ********, *.*., ********* "******** ********" or ****** "********."

CCTV ******** **** ********

******** *** ** **** ******** **** for *******, ** ******** ** ** the ***** **** *** ***** ** this ************* (******* ******** ** ******* that **** *** ******* *** ** them) *** **** **** *** ******* the ******** ******** *** ******** **** new.

** * ********* ****** ** ******** cameras *** ******* *** ********* ******** and ******* ** * ******* *******. As **** ** ** *** **** report ** *********** **** ****** *** removed *** ****. ** ** **:**** 6/17/2021 *** **** *** **** ******** with * ********** *** *********.

***** ** **** **** ***** ** notify ** *** ******* ******** *********, they *********:

*** **** * *** ******* ** our ******** ** ********* ** **** report **** ** *** *********. ******* our ********* ******* **** ****** ** our ********.

*******, ***** ** **** *** *** idea *** *** ****** ******** *** hackers **** **** ** ****** *** compromised *******, **** *********:

*** ******** ***** *** ******** ** us ******** **** *** ************* ** the ********* ** ****. **********, ** will ** ************* *** *** **** was *********** *** **** *** ********* actions.

**** ******** **** ******** ** ******* further ******* ***** **** ********.

Old *** ******* / ********** ****** ** ****** *****

******** **** *** ***** "******** *****" are ******** ******** **** *** ************, at *** **** ********'* ****** *** released, **** ******** **** *** ******* their ********* ** ******* ******** ***** ** ******** **** ******* (V2.002.0000007.0.R.181023). ** ********, ***** ***** ***** downloads ** ***** *** ********, *** the***** ****.

Dahua ********

*****'* ******** *** *** ******* **** details ******** ** **** ****, *** reiterated ***** ******* ************* ******:

*. ** ********** *******’* **** ** exposing **** ***. ******** ******** ** this **** ***** ** ********* **** in *** ********* *** *** *************.*. Dahua *** ** ********* ******* *** set ** ********* *** *********** *** dealing **** ***************. *** ******** ** built ****** ************* ** ** **-***** process **** ******* ********** ******* *** improvement ** ********.*. ***** *** *********** protocols, ********** **** **** ******** ** the ********, *** ******** **** ***** newly ********** ******** ****** *** ******* for **** ** * ****** ******.*.***** takes *** ******** *********. ********** **** best ********, ** ****** ** ******* pen *******, **** **** ******** **********, and ******* ****** *********.

Small *** ************* ******

******** **** ************ ******** ************* ****** have ******* ** ***** *******, **** backdoor *********** *** ********* ****** ***** by ****** ******** ***** ****. **** of ***** ************* *** **** ***** and ***************, ******* *** **-***** ********* required ** ****** ***** ************** ******* this **** ** ******. ******* ** this, **** *** ** * ***** target *** *********, ********** *** **********-**** attacks, ***** *** ****** ** * single ****** ****** *** ****** ** potentially ***** *** **** *** ******* a ***** ********** ****.

Comments (22)

*** *****’* **** * ****** *** wearing * ******?

Agree: 1
Disagree
Informative
Unhelpful: 1
Funny: 4

** ***** ** ***** ** **** vulnerability ** *****'* ******** ******** **** allowed ** ** *** "**********", ***** this ****** ***** ** ******* ** almost *** ***** ******** *********.

Agree: 5
Disagree
Informative
Unhelpful: 1
Funny

* **** ** ***** **** **** F. ***** **** *******. ** ** not *****'* ************** ** ****** ***** party ***'* ********. ******* ***** ** impossible ****. **** **** ** ****** vector *** ******* *** * **** long ****. (** * ** *** a ***** ***, *** ** *** are ***** ********* **** ** ***** use *** ** *** *'*** **** can ** **** *********** ***.)

*** ***** **** ******** (****):

****** ******** *** ** *** "********" in ******** ** ***** **** ********* | *****

Agree: 3
Disagree
Informative
Unhelpful
Funny

** *** *** ***** ********* ****

**'* * ******* *********** ** **** happened ********* ********* ********* **** *** OEM *** **** *****. ** *** read *** ****, ***** ** ***** being **********?

Agree: 2
Disagree
Informative
Unhelpful
Funny

*** ***** **** ******** (****): ****** explains *** ** *** "********" ** hundreds ** ***** **** ********* | ZDNet

***, **** **** / ***** ******* with ***** ******* *** **** ******* as *** *****, ***** *** ******** is *** (** **** **** *****'* SmartPSS) ** * *** ******* ** the ******, ** ***** ******** ** Linux.

Agree: 3
Disagree
Informative
Unhelpful
Funny

****'* **** ** *** ***** * am ****** ****. ** ** ****** easy ** **** ******** ***** ***** software *** * *** ** ****** don't ******** *** ****** ** **** they *** ***********.

'*********' *** **** **** * ****** harsh, *** **** *** ***** ** the ******* **** ******* *****/***** ****** that ***** ** ** *****. *** reality ** *** ********* ** **** CCTV ******** **** ******* ***** ** download * *********** ******* ** *****'* SmartPass ********.

*** ****** *****'* ***** *** ***** in *** ***** ******** *****, *** I ***'* *** *** ***** ***** have ********** *********/********* **** **** ** issue.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny

** ** ****** **** ** **** modified ***** ***** ********

******* *****/***** ****** **** ***** ** at *****

**** ******** **** ******* ***** ** download * *********** ******* ** *****'* SmartPass ********.

** **** ****, **** ******** **** is ** ********** ***** *******. **** what ** ***, *** *** ** reported ****, *** ****** ************** ** on **** ******** **** *** ***** has ********* ************** ** *** **** provide *** ********* ***** ******** ** distribute ********.

** *** *****'* *** ****** ******, they *** ********, *********:

*** **** *** ***********.

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny

******. * ***** ** *** ****** the **** ***** ** ********* ****.

Agree
Disagree
Informative
Unhelpful
Funny

***** *** ********* ************** ** *** they ******* *** ********* ***** ******** to ********** ********.

**'* *** **********. ***** ******** **** not ***** ***** *** ***** ** control ********.

Agree
Disagree
Informative
Unhelpful
Funny

****, ***** *******, ****'* ********* ** Dahua.

**** ******** **** **************************.***** * **** ********** ** ** with * *** *********:

IPVM Image

***** ** * *****-******* *********** **** tens ** ********* ** *********:

IPVM Image

***** ***** **** ** * *** hours **** '**** ******** ****' ***** in * ****.

** ***** ** ** ******* ***** cybersecurity ** **** ***, ***** *** enforce ********** ***** **** **** ******** like '**** ******** ****'.

*****/********?

Agree: 3
Disagree
Informative
Unhelpful
Funny

***** *** ******* ********** ***** **** tiny ********

** **** *** *** **** ** seriously *********** ******** ** ****** *********, sure. ***** **** **** ** **** broader ***** ***** *****'* ***** ** having ******** ***** ****.

**'* **** **** ** ****** ******* security. * ****, ** **** *** SolarWinds **** * ******* **** ******** a *** ** ***** *******. ** a ******* ** *** ** ********** can ** ****, *** *** *** know ** **** *** ******* ***'* going ** ** *** **** *****?

** *** *** * ********* **** you **** ** ** **** ****** serious ************* ** **** ********. *** is ***** ***** ** ** ****? With ** **** ********, ** **** have ** *** ** * *** department ********* ** ***** ******** ***********? Maybe **** ***** ******** ** *** to ******** ****** ********? **** **** I **** ******* **************., *** "** hey, ** ******* **** **** **** IP ******* *** **** ** ****..."

*** *** **** ******* **, *** small ********* ****** *** ** **** in *** ***** *****? "*** *** attackers *** ** *** *** **** I ****** *** ** * *** HTTP ****** *** ****** ******* ** Same **** - **** ** ***** words ****?" **** ** *** **** programmers *** *** ********** ******* *****, do *** **** ******* ** ***** who *** ***** ****** ******* ****** strong *********, ******** ********, ******* ********* and ******** *******, ***? *** *** protect **** *** ****** *****? ***** was * ********** ** *** ***** Wire *** ***** *** **** *** on *** **** **** ***** ********* generally ***'* **** *** ***** ** deal **** ********.

** **** *****'* ***********, **** *** you ***** ** **? *** * bunch ** ***** ** ** *********** that **** ********* **** ** **** partners? **'* **** ** *** ** being ********** ** ****. **'* ****** to **** **** *** *** *****.

*******, **** ********* ****** ** **** than **** *****. **** ******** **** is ********* ******** ******* **** *** an ***. *** ** *** ***-***, non-Dahua ******* *** ********* **** ** have * *** ******* *** ********* available *** ********* ** ********. ***** what? **** **** ** ** *** same ****. *** ** ***** ** a *** ******** ** * ******** engineered **** ******* *** *** ******** to **** **** *** ******* *** mess ** *** *********. (*** ***** interested, ** ** *****'* **** **** yet.) ***** ** *** ******* ***** know **** ** **** ******** * way ** ******** ***** ******? *'* not **** **** *** **** ** have * *******. **** ** *** download ****** ****** ** *** ****** website ******* ** * ******** ** our ******, ****** *** ***** ** could ****** **** ** ***** ** a ********* ********.

** *******, ******** ** ****, **** small ********** *** *** ** **, and * ****** ** *** *********.

Agree
Disagree
Informative
Unhelpful
Funny

** *** *** * ********* **** you **** ** ** **** ****** serious ************* ** **** ********. *** is ***** ***** ** ** ****?

**** *** ****** **** *****, *.*., Dahua ***** *** '*** ******** **** use ******** ***** **** ***** ******** website / *****.' * ***'* ***** it's * ****** ******* ******* *** everything.

Agree: 1
Disagree
Informative
Unhelpful
Funny

****, *** ***** **** ** ****** every ******* ******* *** **** **** there's ** ******** ****, *** ******* that **** ***** ** *****'* ******** page (*** *** ****** * ********* above). *** **** ****, ** *** know **** **** ******** *** ******** the *********? **** ** *** ***** that **** **** **** ******** *** a **** ** * ****** ***** file?

Agree
Disagree
Informative
Unhelpful
Funny: 1

*** *** *** **** ******** ** counter ********* ********, *.*. ***'* *** your ******* *** * ****** **** says:

** ****** "**** ****" ***** ******* customers.

*** ***** *******:

****, *** ***** **** ** ****** that ***** ******** **** *** **** your **** *****. *** **** ****, do *** **** ** ********* ***'* do ** **** **** *** ** the *** ****? **** ** **** do ** **** ** ******** *** looking? **** ** **** **** **** mama ***** **** ************ ********?

** ***** ** ****. * ******* can *** *** **** '*** ******** must *** ******** ***** **** *** official ******* / *****' *** *** penalties ** **. ******** *** ******* the **** *** **'* ***** **** it ** * **** **** ********* for ***** ******.

Agree: 1
Disagree
Informative
Unhelpful
Funny

**, * *** **** ***'** ******. Sorry, **** *'* ** ****** **** I **** ** **** ** ** absolute **********.

Agree
Disagree
Informative
Unhelpful
Funny: 1

*** **** ******** ***** ***** ********? 😉

* ***** **** ***. ******** **** - **** ***'* **** ** ** it. **** *** ** ********** *** their ******** ** **** **?

Agree
Disagree
Informative
Unhelpful
Funny

***** ******** **** *** ***** ***** the ***** ** ******* ********.

*** **** ************* ****** ** **** to ***** ********** ********* **** ***** subordinate **** ******* *********** ************. ****************************** *********************************. **** ************* *** ****** ** protect ***** *****.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny: 1

***** ** ***/***** ***** **** ********* the ****** ** ***** **** *** involved ** ************ *** ********, *********** it, ******* **, ***. *** **** makes ** ****** *** ************* ** happen *** ** *********. * ****** that ***** ***** ******** ** ***** website *** *****'* **** **** ** other *** ********, ****** **** ** somewhat **** ******...??

** *** ****** *** ****** *** hash ** *** *****, **** ***** have ****** (** ******), ******** ***** to ****** **** *** ******** *** been *******.

** ***** ** **** **** ************* don't **** *** **** ******, *** most ****** ***'* ****** ********.

Agree: 2
Disagree
Informative: 3
Unhelpful
Funny

*****, **** ******** ********** ***** ********* with ******** ****** ****** ** ** with.

Agree
Disagree: 6
Informative
Unhelpful: 8
Funny

******* **** ****** ****** *******:

******* *** ***** *** *** **** commonly ******** ******** ** **************** **** 3 ****** ******* *** ~**,*** ****** shipped ** ****, ** ****:

IPVM Image

Agree
Disagree
Informative: 2
Unhelpful
Funny

* ***** **** *** ******* ***** serves **** *** ****** (*** ******** to *** ***) *** ***** ** security *** *** ******* *****. ** simply **** *** *** *** *******'* price ***** ********** ** ***** ****.

Agree
Disagree: 1
Informative
Unhelpful
Funny

** ***** ***** ** ******* **** its ****** ****** ** ** ***** and *** *** **** ******** ** not ***** ** **** **** *** do **. *** *** ** ***** about *****’* ****** ******* **** *** Dahua’s ****** ******** ******** ****** ******** seriously.

Agree: 1
Disagree
Informative
Unhelpful
Funny: 1
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports