Slashdot Mirror


A Massive Botnet of CCTV Cameras Involved In Ferocious DDoS Attacks (softpedia.com)

An anonymous reader writes: "A botnet of over 25,000 bots is at the heart of recent DDoS attacks that are ferociously attacking businesses across the world with massive Layer 7 DDoS attacks that are overwhelming Web servers, occupying their resources and eventually crashing websites," reports Softpedia. This botnet's particularity is the fact that attacks never fluctuated and the attackers managed to keep a steady rhythm. This is not a classic botnet of infected computers that go on and off, but of compromised CCTV systems that are always on and available for attacks. The brands of CCTV DVRs involved in these attacks are the same highlighted in a report by a security researcher this winter, who discovered a backdoor in the firmware of 70 different CCTV DVR vendors. These companies had bought unbranded DVRs from Chinese firm TVT. When informed of the firmware issues, TVT ignored the researcher and the issues were never fixed, leading to crooks creating this huge botnet.

1 of 79 comments

  1. Re: Network Design Flaw by Anonymous Coward · Score: 1, Interesting

    The problem is that all these IoT things are being built conveniently using stock Linux kernels on top of cheap CPUs. This is general compute hardware in the most general sense - whole PCs serving really simple purposes. The reason for this is simple; the skills required to assemble a kernel to perform a particular task are reasonably well known. There are lots of programmers around that can duct-tape together a system with these things.

    These systems could be made much more secure if they could execute their operations from read-only memory. The problem is most places like to leave the door open for firmware updates in case they screwed up. The internet promised a lot of things with regard to the ability to upgrade and fix software after release, but all it really did was drive down the risk of writing crap software. Companies respond to reduced risk by de-prioritizing said work. Ergo the net result of the internet has been to drive down software quality as a whole. And here we are, with shitty software aplenty.

    The only people interested in patching a system that's already been sold are the malware authors - the vendor has long since shifted their product focus elsewhere. In time all devices will be compromised and that will be the effective running state of the whole Internet.