Webcams used in last week’s web attacks are recalled

RecallSecurity
1 1 No Comments

Smart home product users aren’t that smart when it comes to protecting their kit though

Home webcams that were hacked to help bring down Reddit, Twitter, Spotify and other websites last week have been recalled by the Chinese manufacturer.

Chinese firm Hangzhou Xiongmai issued the US recall after its cameras were identified as assisting the web attacks.

Snooping security cameraSecurity experts had said that easy-to-guess default passwords used on the Xiongmai webcams aided the web attacks, which were launched from a network of smart devices, including the home cameras.

Hangzhou Xiongmai said the hackers were able to take control of the cameras because their owners had not changed the default passwords that come with the hardware.

At the same time, Xiongmai rejected any suggestions that its webcams had made up the majority of the devices used in the distributed denial of service (DDoS) attacks.

The company says it will improve the way it uses passwords on its products and will also send its customers a software patch to improve the devices’ protection against attacks.

The smart home market is being driven by “tech savvy” professionals according to recent research from Beecham Research, but they’re not that savvy when it comes to changing default passwords – an age old problem seen with all network equipment, from old modems and routers to easy-to-guess PINs or no PINs on smartphones.

@AntonySavvas