Wall Street Journal Runs Report on Dahua Hack

The Wall Street Journal is bringing attention to the massive Dahua attack we reported on Tuesday.

In an Thursday article entitled, "Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks", the Journal notes:

• "The attackers used as many as one million Chinese-made security cameras, digital video recorders and other infected devices to generate webpage requests and data that knocked their targets offline"
• "Level 3 identified cameras and video recorders made by Chinese manufacturer Dahua Technology Co. as the sources of a large share of the recent attacks"
• "A Dahua spokeswoman said on Thursday the company is still reviewing Level 3’s research. She cautioned that malware could succeed in attacking older devices that have outdated software."
• "Level 3 said H.264 DVRs made by Dahua were especially prevalent, though security researchers said other brands were affected. In some cases the devices weren’t protected with passwords or had generic passwords"

Level 3 says they have noticed 'multiple families of malware' involved in these attacks.

On Tuesday, Dahua responded to our original report saying that it "appear that this vulnerability is limited only to cameras that are connected to the internet and running outdated firmware (pre-January 2015)."

There are other conflicting reports of what is causing this. It is not clear to us what is the vulnerability(s) impacting Dahua nor whether it has been resolved in current firmware. We have asked Dahua for clarification and are hoping to report something more definitive on Monday.

[Tuesday update - We are still gathering information and feedback from Dahua and are aiming for a Wednesday post release.]