Security Researchers Discover Growing List of Mirai-Vulnerable IP Cameras

Security researchers have found even more vulnerable IoT devices waiting to be taken advantage of by the Mirai botnet and consorts. Several backdoors have been discovered in over 80 different IP camera models produced by Sony Corp. Moreover, there is close to half a million white-label IP cameras that are vulnerable to  similar attacks. This is not a positive development, and only a sign of what is to come in the years ahead.

IP Cameras Become The New Mirai Targets

The growing network of IoT devices is both a positive and troublesome development. On the one hand, it is good to see more electronics being made accessible, whether through online interfaces or mobile applications. But these devices also suffer from lackluster security features, which make them extremely vulnerable to attacks and malware.

SEC Consult, an Austrian security firm, discovered two different backdoor accounts affecting Sony IPELA Engine IP Cameras. These devices are mainly used by large enterprises and government authorities. By using one of these two user accounts, hackers can gain remote access to these devices and take over the built-in web server. Once that step has been completed, they can do virtually anything they want.

In most cases, it seems plausible to assume that assailants will execute a telnet attack. Through this protocol, assailants scan complete remote logins over the Internet, the same attack vector used by the Mirai malware. Putting two and two together reveals that these

Sony Corp IP cameras will be targeted by Mirai malware soon, assuming that has not happened already.



Related Post

For now, it remains unclear how many of these devices could be vulnerable to a telnet attack, though. KrebsOnSecurity mentioned how there are over 4,000 devices reachable over the Internet, putting all of those devices at risk of being attacked. However, it is possible that the final numbers will be much higher.

Unfortunately, these are not the only types of IP cameras vulnerable to attack by the Mirai botnet. Cybereason security researchers discovered two new flaws affecting dozens of IP camera families produced under different brand names. The vast majority of these devices can be purchased on eBay or Amazon, making them widely accessible, and significant security risks.

To make matters worse, these devices can still be exploited when behind a firewall. This is rather unusual, since firewalls should be perfectly capable of eliminating any hacking attempts by assailants. All of these cameras have a factor-default P2P communication capability that enables remote cloud access through the manufacturer’s website.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

4 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

5 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

6 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

6 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

9 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

10 hours ago