Chinese IoT manufacturer issues recall after its devices are linked to massive DDoS attack

By midian182 · 6 replies
Oct 25, 2016
  1. The Chinese electronics firm that created many of the IoT devices used in last week’s DDoS attack on DNS service provider Dyn is issuing a product recall in the US. Researchers said Hangzhou Xiongmai Technology’s products, such as webcams and digital video recorders, were able to aid the assault because of their basic security errors.

    The unprecedented attack, which knocked several major websites offline for hours, was caused by the Mirai malware. It seeks out internet of things devices that use factory-default usernames and passwords before exploiting them and forcing the products to join botnets used in DDoS attacks.

    Security researchers say Xiongmai’s easy-to-guess default passwords and the inability to set a password on some forms of connection meant their products made up the majority of the devices used in the attack. The company denied this, and stated that users should change the default passwords.

    “Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too,” the company said in a statement.

    The recall will mainly affect webcams made by Xiongmai. The company is also issuing a patch for products made before April 2015 and improving the password function of its devices.

    Chinese firm Dahua Technology said that some of its older products were also vulnerable to these sorts of attacks. It is now offering firmware updates and discounts for customers wishing to exchange devices.

    As the popularity of IoT devices continues to grow, an increasing number of hackers are exploiting the poor security found in these products. “For something with so much promise, and marketing opportunities, the Internet of Things is a total mess, at least from a security standpoint,” Lee Munson, Security Researcher for, told me.

    “The fact that Xiongmai is recalling devices in the wake of the Dyn DDoS attack just reeks of another manufacturer rushing to market without sparing a thought for how networked devices could - or should - be protected from attackers who are always looking for new opportunities to compromise their way to their goals.”

    After Mirai was used in a record-breaking 620 Gbps DDoS attack on famed researcher Brian Krebs’ website last month, the malware’s source code was published online, leading to an increase in its use.

    We still don’t know who was behind Friday's attack, though several different hacking groups have claimed responsibility. While US intelligence agencies say it wasn't state-sponsored, antivirus pioneer John McAfee believes the culprit was North Korea.


  2. MoeJoe

    MoeJoe TS Guru Posts: 710   +379

    The Russians hack Chinese craptastic internet appliances to crush capitalism & Democracy.
    Oh the irony ...
    stewi0001 likes this.
  3. wiyosaya

    wiyosaya TS Evangelist Posts: 1,923   +755

    What a bunch of CYA BS on a totally avoidable mistake. And they should have added, "Xiongmai is not afraid to throw away millions of dollars to correct something that never should have been delivered to customers as it was."

    Yet another BS company out to make a buck on the 15-minutes of fame that IoT is generating without any concern about the quality of the product or its security or the problems that it may cause. I hope the recall cost them millions as if it does, it just might teach them a lesson, but I highly doubt that it will teach them a lesson.
    BSim500 likes this.
  4. Kenrick

    Kenrick TS Evangelist Posts: 570   +372

    A lot of webcams and DVRs are rebranded Chinese products. It will be helpful if the manufacturer will post who the vendors are and what models are in the recall or need a firmware update.
    drjekelmrhyde likes this.
  5. drjekelmrhyde

    drjekelmrhyde TS Addict Posts: 249   +63

    Good luck pulling all those rebranded products.
  6. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,811   +472

    So Cisco should pull all their compromised products too? What about IE, Apache, Chrome, Firefox, Safari for all their avoidable exploited security holes? How about unencrypted DNS? So the people responsible for the infrastructure of the internet abysmally failed there too. Ubiquitous encryption on email? Microsoft stopping patching older OSs for critical exploits? What about every company that puts backdoors in their products?

    It's not only the Chinese putting out rubbish.
  7. Phr3d

    Phr3d TS Guru Posts: 404   +84

    Pleasantly surprised at this response -- according to another article, only 500,000 more devices to go.
    I see this as an ongoing problem that seems near impossible to easily address/repair at present (comes down to how many adolescents wanna impress their friends at how much they can 'slow down' the internet with a few keystrokes).

    I'd like to hear generic commentary about how Dyn recovered - were they able to block the traffic or did it simply stop/time-out, etc.
    Darth Shiv likes this.
