Logo

DOSarrest Vulnerability Testing and Optimization
Navigation
  • Home
  • non gamstop casino

Attackers hijack CCTV cameras to launch DDoS attacks

on October 22, 2015 |
DDoS DDoS Attack Specialist Defend Against DDoS Denial of Service Attack DoS Attacks

Default and weak credentials on embedded devices can lead to powerful botnets

We’ve reached a point that security researchers have long warned is coming: Insecure embedded devices connected to the Internet are routinely being hacked and used in attacks.

Want to add a bunch of users without going out of your mind? We show you how to do that, and more.

The latest example is a distributed denial-of-service (DDoS) attack detected recently by security firm Imperva. It was a traditional HTTP flood aimed at overloading a resource on a cloud service, but the malicious requests came from surveillance cameras protecting businesses around the world instead of a typical computer botnet.

The attack peaked at 20,000 requests per second and originated from around 900 closed-circuit television (CCTV) cameras running embedded versions of Linux and the BusyBox toolkit, researchers from Imperva’s Incapsula team said in a blog post Wednesday.

When analyzing one of the hijacked cameras that happened to be located in a store close to the team’s office, the researchers found that it was infected with a variant of a known malware program designed for ARM versions of Linux that’s known as Bashlite, Lightaidra or GayFgt.

While infecting computers with malware these days requires software exploits and social engineering, compromising the CCTV cameras that were used in this attack was very easy as they were all accessible over the Internet via Telnet or SSH with default or weak credentials.

Insecure out-of-the-box configurations are a common issue in the embedded device world and have been for a long time. In 2013, an anonymous researcher hijacked 420,000 Internet-accessible embedded devices that had default or no login passwords and used them in an experiment to map the whole Internet.

However, the problem is getting worse. The push by device manufacturers to connect things such as refrigerators or “smart” light bulbs to the Internet is largely done without consideration for security implications or an overhaul of outdated practices. As a result, the number of easily hackable embedded devices is growing fast.

Shortly after the CCTV camera-based attack was mitigated, a separate DDoS attack was detected that originated from a botnet of network-attached storage (NAS) devices, the Imperva researchers said. “And yes, you guessed it, those were also compromised by brute-force dictionary attacks.”

Source: http://www.computerworld.com/article/2996079/internet-of-things/attackers-hijack-cctv-cameras-to-launch-ddos-attacks.html

Share this story:
  • tweet

Recent Posts

  • Link11 Discovers Record Number of DDoS Attacks in First Half of 2021

    July 15, 2021 - 0 Comment
  • A New Wave of DDoS Extortion Campaigns by Fancy Lazarus

    June 16, 2021 - 0 Comment
  • ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

    June 12, 2021 - 0 Comment
Comments are closed.

Keep updated with the latest DDoS Attacks

RSSSubscribe
  • Home
  • Latest News
  • Contact
  • Sitemap
  • Non Gamstop Casinos
  • Casinos Not Affected By Gamstop
  • Casino Sites Not On Gamstop
  • Casino Not On Gamstop
  • Foods Of England
  • Casnio Not On Gamstop
© Copyright 2013. All Rights Reserved. Web Development by: 6folds Marketing