More and more information about the recent DynDNS cyber attack is becoming available as the investigation continues. XIongMai Technologies, a Chinese company manufacturing surveillance video camera components, admitted that they were indirectly responsible for this attack. Their technology was used to carry out this wave of denial of service attacks, as their products are vulnerable to the Mirai botnet malware.
XiongMai Technologies Admits Their Indirect Involvement
Contrary to what other manufacturers would do, XiongMai Technologies admitted their problem. This surveillance video camera component manufacturer admits that they are vulnerable to the Mirai botnet malware, which orchestrated the DynDNS attack. It’s nice to see a company recognize its role in this process, inadvertently as it may be.
While they are not the only manufacturers vulnerable to the Mirai malware, they are the first to officially admit that their products are vulnerable. During this DDoS attack, thousands of devices all over the world were used to flood DynDNS’s servers with traffic and web requests. Security cameras played a significant role in this scheme, as did other Internet of Things devices.
What is rather worrisome is how XiongMai knew about these vulnerabilities since the end of 2015. However, the issues were never completely fixed, and hackers continue to exploit these weak spots. Changing default passwords on any of these Chinese devices was impossible, leaving them wide open for hackers to exploit and abuse.
Although components produced by the Chinese firm after September 2015 no longer contain this vulnerability, the majority of their devices remain prone to hacking. All of their clients have been advised to upgrade device firmware as soon as possible, yet there is very little the company can do to speed up this process.
For now it remains unknown which other manufacturers suffered a similar fate. Since a lot of computers and smartphones were used in the attacks, it is likely that most of these Mirai infections are a direct result of users not upgrading device software on a regular basis. As easy as it is to blame manufacturers, the end user has a responsibility to bear as well.
All of this goes to show that the current concept of firmware updates will need an overhaul, too. Companies should have the option to force updates upon customers whenever it is needed. For now, though, this is virtually impossible, as it remains up to the end user to do so manually.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.