THE FIRST Internet of Things (IoT) devices thought to be responsible for Friday’s giant Mirai DDoS attack on DNS provider Dyn have been recalled by their manufacturer.
Chinese firm Hangzhou Xiongmai specialises in motherboards for DVRs and IP cameras, both suspected of being part of the giant botnet used in the attack, the firm said in a statement
"Security issues are a problem facing all mankind," it said on a Chinese microblog. "Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too."
We think that might be a Samsung dig.
The company is the first to take responsibility for products which may well have allowed many services including Twitter and Spotify to be taken offline at a stroke last Friday.
The main problems were caused by simple to hack user names and passwords on IoT devices, many of which never get changed from their defaults.
Xiongmai devices are particularly vulnerable, given that in many cases it doesn’t even offer the tools needed to change username and password. It may be that falling on its sword may prove a brilliant publicity coup for the company, which has promised to improve mechanisms of security on future products.
At present, it is still not known who was responsible for the attack, which was launched in three waves over a number of hours on Friday. Several groups have claimed responsibility including some claiming that it was an act of solidarity for whistleblowing site Wikileaks, however, investigators are yet to confirm that they are satisfied they know who is to blame.
Meanwhile, Xiongmai has issued a blanket recall on all products that use its circuit boards to power webcams. Exact details of what that means for end users is not clear as we currently don’t have details of what webcams used to tech and if the end manufacturers will be implementing the recall themselves, as ultimately, getting back the finished products will cost money.
Add to that the likelihood that many people simply won’t bother to return them, it’s a case of open can, worms everywhere. µ
Check Point warns that 'the next cyber hurricane is about to come'
He who controls the Animoji, rules the Animoji
Ha ha ha, hee hee hee, Will Cooke from Ubuntu had a chat with we
POKE no more. Oh wait, that was 30 years ago