Slashdot Mirror
Compromised CCTV and NAS Devices Found Participating In DDoS Attacks (incapsula.com)
chicksdaddy writes: The parade of horribles continues on the Internet of Things, with a report from the security firm Incapsula that its researchers discovered compromised closed circuit cameras as well as home network attached storage (NAS) devices participating in denial of service attacks. The compromised machines included a CCTV at a local mall, just a couple minutes from the Incapsula headquarters.
According to the report, Incapsula discovered the infections as part of an investigation into a distributed denial of service attack on what it described as a "rarely-used asset" at a "large cloud service." The attack used a network of 900 compromised cameras to create a flood of HTTP GET requests, at a rate of around 20,000 requests per second, to try to disable the cloud-based server. The cameras were running the same operating system: embedded Linux with BusyBox, which is a collection of Unix utilities designed for resource-constrained endpoints.
The malware in question was a variant of a self-replicating program known as Lightaidra, which targets systems running BusyBox and exploits vulnerable Telnet/SSH services using so-called "brute force dictionary attacks" (aka "password guessing"). Given that many Internet connected devices simply use the default administrator credentials when deployed, calling it a "brute force" attack is probably a stretch.
According to the report, Incapsula discovered the infections as part of an investigation into a distributed denial of service attack on what it described as a "rarely-used asset" at a "large cloud service." The attack used a network of 900 compromised cameras to create a flood of HTTP GET requests, at a rate of around 20,000 requests per second, to try to disable the cloud-based server. The cameras were running the same operating system: embedded Linux with BusyBox, which is a collection of Unix utilities designed for resource-constrained endpoints.
The malware in question was a variant of a self-replicating program known as Lightaidra, which targets systems running BusyBox and exploits vulnerable Telnet/SSH services using so-called "brute force dictionary attacks" (aka "password guessing"). Given that many Internet connected devices simply use the default administrator credentials when deployed, calling it a "brute force" attack is probably a stretch.
You can burn out the motor coils in the cameras by hacking the software and over driving them?
That's why when it comes to my Internet of Things, I only trust the Genuine® Advantage©® of Certified® Microsoft©® Windows®© Internet© of© Things©® Soft®ware®.
©
Is anyone else getting annoyed at the writing style of recent Slashdot submissions ?
They are being written in a dumbed down folksy style with idiotic mannerisms designed to explain things to idiots, not the geek readership around here.
My Webcam came with an open root telnet port. Just connect to port XXXX (whatever it was, I forget) and you were automatically logged in to a root shell.
There's a reason I kept it completely firewalled from the Internet.
>> compromised machines included a CCTV at a local mall, just a couple minutes from the Incapsula headquarters
Clearly, the correct thing to do is move the HQ further away from the mall, right?
They contentstenntlie rape us so this is nothin. Is nothin.
A few years ago I got curious and started scanning the local subnets on my ISP for open telnet ports. Found one DVR type of device with four cameras and four hard drives running with disks 100% filled. The default logins worked and found myself at a busybox prompt. What was interesting was there was always a few others logged in from countries over seas. I managed to tftp a fragment of a video file but couldn't recognize the area. There is no reason for multiple telnet logins to a DVR box.
Only the State obtains its revenue by coercion. - Murray Rothbard
It's funny reading this today, because yesterday my smtp server was getting attacked by a Samsung DVR.
They are not whole people.
There is no evidence that they are allowed to add security and lack of evidence is strong evidence.
They hate us. That is why they won't allow us to have security.
The Wikipedia of Things, where any dipshit on the internet can edit your refrigerator.
...for opening up all those Linux boxen to the world.
It's like Windows 3.11 all over again.
I have no idea why people allow outside access to their NAS device or webcams. At a minimum, require VPN access, but ideally put them in a VLAN "jail".
Someone is going to need to get much more savvy when it comes to securing this "IoT" monster.
Yep, I blew a monitor in my early days of Linux by getting the refresh rates wrong.
From the article, it seems like the exploited cameras are IP-addressable/reachable. That does not sound like Closed Circuit TV as I think of it, with non-ethernet coax-and-like connected cameras connected to a monitoring station in a true closed circuit. I am no expert, but should we be talking about an exploit of "IP-enabled security cameras" or something like that instead?
Dear $public $relations $firm, please generate 'reports' about DDOS attacks that don't mention that vast pool of compromised Microsoft Windows desktops out there on the Internet.
'Incapsula is a cloud-based security and acceleration service that makes websites safer, faster, and more reliable'
I installed KDE 64 Sabayon Latest from USA Mirror. Inside of 3 min it was taken over.
Installed stopped to pet dog, mouse took off and opened menus. I killed the power.
admin admin
admin admin
I said admin you dumb camera!
admin admin
the Nike Air Ralston Mid nike tn requin ool Grey,makes good on the air yeezy shoes stylish design, adding a creamy grey suede upper to a white midsole, orange accents, and a sport-inspired pad-like outsole. Hit the jump for a few more looks, and hit spots like MrRSportsMiami.com for a pair today. Yesterday brought a glimpse of one of the simpler Hachi colorways wee seen to date, eschewing the standard Sting-inspired two-color (or at least two-tone) look in favor of a more uniform coloring. And as the counterpoint to that, today brings some of the more unique looks, although no less impressive. The Nike Hachi Gingham pack, designed specifically for women, each sport the air yeezy pink vintage-inspired silhouette but forgo leather in favor of a gingham textile, three different colors in total. Check out each under the cut, and look for these in Asia now, with a US release still up in the air. While a rather scarce one, the Coast Classic is nevertheless a great summer look, with a classically simple construction that lends itself to colorways both subtle and complex. In fact the latest version, the Nike Coast Classic nike Free Run SP Black/White Gingham, goes for subtle and complex on the same shoe, with black suede on the toe and heelcap sitting atop a classic vulc rubber sole,
You should seek help. Seek help.
Idiots bought every 'tech' the 'smart' bs all the 'wireless' bs the 'ipv6' 'internet of things' is a Weapon, they have been spraying us with nano chip chemtrails, you have been far more than just 'chipped', You are now on the 'internet of things' you breath the nano chips the myriad particulate designed to self assemble into 'morgellons' fiber optics inside of you. Done. Don't bother looking it up all the bullshit sites run by them, 'morgellons' was proven in study, they pointed to one fraction similar to lyme, lyme was made in a lab same with their other weapons. It is far more than 'lyme' disease. So called ipv6 is brain rape, already test attached to the auto 'ai' kill system. Idiots get off your ass, see -fake acting - post above.
Add these with others in post above
-archive.org/details/DontTalkAboutTheWeather_451 The haze in the air is nano chips, other content- www.willthomasonline.net/Nano_Chemtrails.html - the contents far more than described, we're breathing the nano chips, other content. For 'wireless' brain surveillance and control by 'smart grid' and control of those leftover from virus kill.
They also sprayed a virus that's going to kill other races but not jews. newworldwar.org/chemical.htm - ignore notes at bottom, skip rest of site.
http://67.225.133.110/~gbpprorg/judicial-inc/Jews_and_KKK.htm
And of course this already in first post though to slam it in your Face again-
http://67.225.133.110/~gbpprorg/judicial-inc/Coure_d_Arlene.htm fake 'neo nazis'
http://balder.org/judea/Hate-Speech-Laws-Immigration-Jewish-Influence-USA.php
-mass destruction by mass immigration while jew rule and kill everyone.
The jew bullshit 'conspiracy theory' meem to distract from their tribe, idiots parroted 'wel if I'm not doin anything wrong then...' idiots, now you're being brain raped, soon to be slaughtered, that's the POINT of privacy is so you have prvacy to plan and stop those who are planning to kill you. Now you're being SPRAYED. The jews have all the resources all the weapons they don't need your useless ass anymore. They will cull race by race until none left but the jews and their chinese 'morgellons' transhuman' slaves.
Don't bother searching, you just waste time on fake 'jew truther' sites run by jews. The links I've given are the cleanest there are and even so some are jew sites that put up the info so you 'follow' and waste time. copy the info, get off the web, give links to others, put links on notes hand out to meet people. No one will do it for you, grow up, make your own tribes