Chinese electronics company Hangzhou Xiongmai is recalling its webcams in the US following last week’s massive distributed denial-of-service attack that shut down multiple websites, including Github, Amazon, and Twitter. Some security researchers, including security firm Flashpoint, blamed the attack on Xiongmai’s lagging security practices and use of a default username and password in its software and camera components. That weakness, and similar weaknesses in other IoT products, allowed criminals to create a massive botnet of compromised connected devices. Xiongmai told the BBC that its webcams didn’t make up the majority of the devices in the botnet, however.
The DDoS attack relied on a malware called Mirai to compromise connected devices that use default passwords and usernames. (Friendly reminder: always change your connected device’s username and password!) Unidentified attackers assembled those infected devices into a botnet to target Dyn, a DNS service provider, on Friday, as well as security blogger Brian Krebs. Mirai’s source code was publicly released earlier this month, which researchers said would lead to higher profile attacks. So far, Mirai has infected at least 493,000 devices. Before the source code was released, only 213,000 devices had been compromised. This is likely only one of many DDoS attacks we’ll see as Mirai continues to search out and exploit vulnerable devices.