Webcams used in last week DDoS attacks recalled

Hangzhou Xiongmai issued the recall after hackers made access to websites such as Reddit, Twitter and Spotify intermittent last week
Author:
Publish date:
Social count:
0
1-us-uk-in-stock-font-b-pc-b-font-video-camera-usb-2-0-50-0m.jpg

Home webcams that were hacked to help attackers take down various websites last week are being recalled in the US.

Hangzhou Xiongmai, the Chinese electronics company whose components were in cameras cameras identified as aiding the attacks, issued the recall after hackers made access to websites such as Reddit, Twitter and Spotify intermittent.

In a statement, Hangzhou Xiongmai said hackers were able to take over the cameras because users had not changed the devices' default passwords, but it rejected suggestions that its webcams made up the majority of devices used in the attacks. 

"Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too."

The company said it was also improving the way it put passwords on its products and would send customers a software patch that will reinforce the devices against attack. 

The recall affects all the components made by Hangzhou Xiongmai that go into webcams. 

Chester Wisniewski, principal research scientist at security firm Sophos, said about 500,000 webcams had been turned into 'bots' that attackers used to overwhelm websites and servers with data.

He said: "Friday's attack only used approximately 10 per cent of these bots, demonstrating the incredible power wielded by just one type of device. There are tens of millions more insecure 'smart' things that could cause incredible disruptions, if harnessed."

Related