Webcams involved in Dyn DDoS attack recalled

Becky

Webmistress
Joined
Mar 25, 2003
Messages
7,424
Reaction score
1,511
Towards the end of last week several large sites were temporarily unavailable due to a large-scale distributed denial of service (DDoS) attack. The sites, which included Twitter, PayPal and Reddit, are all customers of a company called Dyn - a cloud-based 'Internet Performance Management' company. The attack targeted Dyn's DNS infrastructure, and part of the way that this was achieved was through insecure webcams - which have now been recalled:

Dyn said last week it identified “10s of millions” of unique IP addresses involved in the massive botnet DDoS attack on its managed DNS services, which knocked out Twitter, Amazon and others sites for many users. At least some of those devices are now subject to a recall, with Chinese electronics company Hangzhou Xiongmai recalling web cameras using its components that were identified as making up a good portion of the devices involved.

The webcams were cited by security experts as being susceptible to attack and inclusion in the Mirai botnet used to flood Dyn’s DNS as having default passwords that were easy to guess, making it simpler for attackers to crack their logins and incorporate them into the botnet.


Read more here: Tech Crunch
 
Serves them right for terminating my long-standing free dynamic DNS account and then attempting to charge me for it!

I'm with No-IP now, have been using them for a couple of years, it's a much better service and is supported by many different routers. I currently use dynamic DNS services to provide an external DNS name for both my personal VPN and my own self-hosted website.

- Capt. Jack Sparrow.
 
Back
Top