Chinese Company Xiongmai Threatens Legal Action Against Western Accusers

By: Brian Karas, Published on Oct 24, 2016

The Chinese video surveillance manufacturer, Xiongmai, whose equipment numerous sources blame for driving massive Internet attacks over the past month has fired back, defending itself against allegations. Moreover, they have involved the Chinese government's Ministry of Justice threatening legal action against those defaming them.

'Allegations'

Various publications have cited Xiongmai's products as being used in these cyber attacks.

Cybersecurity journalist Brian Krebs, one of the first Mirai victims, called out Xiongmai:

These products from XiongMai ... will remain a danger to others unless and until they are completely unplugged from the Internet.

Security research firm Flashpoint linked XiongMai to the Mirai botnets:

a very large percentage of these IP involved in the DDoS attacks were hosting XiongMai Technologies-based products.

ComputerWorld claims that XiongMai has taken direct responsibility:

Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

Xiongmai Threat

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

However, XiongMai is now fighting back. Working with the Chinese Ministry of Justice, they are attacking 'false statements' and threatening legal action in a Oct 24 social media posting.

[Update Oct 25: Xiongmai has added the same report to their Chinese language website.]

Xiongmai / Ministry of Justice denied responsibility:

XiongMai's products for embedded closed system, the product can not be manipulated by criminals.

Xiongmai / Ministry of Justice blamed users:

The event hackers control products is the use of users do not change the initial password accustomed to the operation

Finally, they threatened legal action against those who 'falsely' claim they are fault:

Organizations or individuals false statements, defame our goodwill behavior ... through legal channels to pursue full legal responsibility for all violations of people, to pursue our legal rights are reserved. 

Why XiongMai Is Widely Unknown Even Within the Industry

Xiongmai does not sell nor market under its own brand. Rather, it OEMs / supplies to hundreds of 'manufacturers' / companies who incorporate their components / modules into their own products.

However, Xiongmai is one of the largest suppliers in the global video surveillance market. Sources within the China video surveillance industry indicate that, via their OEMs / customers, they are the 3rd largest video surveillance provider, behind Hikvision and Dahua.

Dahua Involvement

Dahua, the #2 China video surveillance manufacturer, has been at the center of the Mirai botnet attacks as well, and while they have not threatened legal action, they have also been defensive. Brian Kreb's called Dahua duplicituous and our analysis found that Dahua was deceitful in their response.  

Hikvision Not Involved

The largest China video surveillance manufacturer, Chinese government owned Hikvision, has not been accused of being involved in the Mirai botnet attacks, which is certainly very good news for them, considering their leading Chinese rivals have been. Of course, Hikvision products suffered major hacking attacks in 2015.

Legal Threat Impact Very Low

We believe Xiongmai has issued this announcement as a PR effort within China, to help counter criticisms they are facing. We do not believe that Xiongmai or the Ministry of Justice is seriously going to sue any Western companies as this is a typical tactic to save face. 

Chinese Video Surveillance Market Impact

Over the past 5 years, Chinese video surveillance manufacturer's share of the global video surveillance market has surged. Between the security flaws of products from Xiongmai and Dahua and Hikvision being owned by the Chinese government, this has created extreme concerns about the impact of Chinese video surveillance products.

8 reports cite this report:

Unfixed Critical Vulnerability In Millions of XiongMai Devices Disclosed on Oct 10, 2018
XiongMai, one of the biggest OEMs alongside Dahua and Hikvision, has suffered a critical vulnerability impacting millions of their devices. This...
Xiongmai New Critical Vulnerability - Same Manufacturer Whose Products Drove Mirai Botnet Attacks on Dec 12, 2017
The Chinese manufacturer whose products were primarily responsible for the 2016 Mirai botnet attack has a new critical vulnerability, confirmed by...
Forgotten Password Problem Importance (Statistics) on Sep 15, 2017
Forgotten passwords has become a major industry topic. For example, Hikvision has been emailing admin passwords in plain text until IPVM's...
ISC West 2017 Best and Worst on Apr 10, 2017
IPVM went to Las Vegas, examining what vendors are showcasing and what is new. Attendance was up, according to the show, and was certainly well...
Top ISC West 2017 Booth Moves on Jan 16, 2017
There are significant moves among many major manufacturers on the ISC West show floor, and very few prime spaces left unoccupied. In this report we...
XiongMai Master Password List Emailed By Chinese Spammer on Dec 05, 2016
XiongMai created an international uproar as their devices drove massive botnet attacks of major Internet sites. After pledging to recall cameras...
Hackers Battle For 3 Million Strong Mirai Botnet on Nov 28, 2016
Mirai-infected devices have become so large and so prevalent that multiple hackers are now fighting each other to control these devices. This...
Now Knocking A Country Offline - The Video Surveillance Driven Botnet Wreaks Havok on Nov 03, 2016
The video surveillance driven botnet is now attacking an entire country. The Mirai malware that took advantage of poor security in Xiongmai, Dahua...
Comments (35) : PRO Members only. Login. or Join.

Related Reports

China Dahua Replaces Their Software With US Pepper on Aug 22, 2019
What does a US government banned company do to improve its security positioning in the US? Well, Dahua is unveiling a novel solution, partnering...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Biometrics Usage Statistics 2019 on Aug 13, 2019
Biometrics are commonly used in phones, but how frequently are they used for access? 150+ integrators told us how often they use biometrics,...
US Government Ban of Dahua, Hikvision, Huawei Takes Effect Now on Aug 13, 2019
The 'prohibition on use or procurement' of Dahua, Hikvision and Huawei products and 'essential components' take effect today, August 13, 2019, one...
Hikvision Global News Reports Directory on Aug 11, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Stanley Makes "Multi-Million Dollar Investment" Into Banned Hikvision Products on Aug 09, 2019
Just days from the US government ban going into effect, US mega-corporation Stanley has dramatically increased its imports of banned Hikvision...
Indonesia Security Association Chairman Interview on Aug 01, 2019
Indonesia is a huge country with a population close to the US and a fast-growing economy. Its security industry is also growing rapidly but faces...
Hikvision Cameras Covering Concentration Camps on Jul 29, 2019
Hikvision cameras monitoring a concentration camp were shown in a recent BBC investigation: The video excerpt shows the Hikvision cameras and...
Australia Security Full Show Report on Jul 25, 2019
IPVM went to Australia attending the 3 days of the Australia Security Exhibition: This was held at the ICC Sydney, as shown below: In this...
History of Video Surveillance on Jul 19, 2019
The video surveillance market has changed significantly since 2000, going from VCRs to ab emerging AI cloud era.  The goal of this history is to...

Most Recent Industry Reports

TMA Apologizes to Amazon / Ring on Aug 23, 2019
Not only is Amazon / Ring making major incursions into the residential security market, the organization representing the biggest incumbents, The...
China Dahua Replaces Their Software With US Pepper on Aug 22, 2019
What does a US government banned company do to improve its security positioning in the US? Well, Dahua is unveiling a novel solution, partnering...
Security Integrators Outlook On Remaining Integrators In 2025 on Aug 22, 2019
The industry has changed substantially in the last decade, with the rise of IP cameras and the race to the bottom. Indeed, more changes may be...
First GDPR Facial Recognition Fine For Sweden School on Aug 22, 2019
A school in Sweden has been fined $20,000 for using facial recognition to keep attendance in what is Sweden's first GDPR fine. Notably, the fine is...
Anyvision Facial Recognition Tested on Aug 21, 2019
Anyvision is aiming for $1 billion in revenue by 2022, backed by $74 million in funding. But does their performance live up to the hype they have...
JCI Sues Wyze on Aug 21, 2019
The mega manufacturer / integrator JCI has sued the fast-growing $20 camera Seattle startup Wyze. Inside this note: Share the court...
Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Suprema Biometric Mass Leak Examined on Aug 19, 2019
While Suprema is rarely discussed even within the physical security market, the South Korean biometrics manufacturer made global news this past...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact