Chinese firm recalls products linked to cyberattack
A Chinese electronics component maker is recalling 4.3 million internet-connected camera products from the US market amid claims they may have played a role in last week’s massive internet disruption.
Hangzhou Xiongmai Technology said on Monday that it was recalling earlier models of four kinds of cameras due to a security vulnerability that can make them easy to hack.
Millions of internet users lost access to some of the world’s most popular websites last week after hackers hammered servers along the US East Coast with phony traffic until they crashed, then moved westward.
Security experts said easy-to-guess default passwords, used on Xiongmai webcams, aided the hackers who caused the disruption.
“The main security problem is that users aren’t changing the device’s default passwords,” Xiongmai said in a Chineselanguage statement posted online.
The company rejected suggestions that its webcams made up the bulk of the devices used in the attacks.
“Security issues are a problem facing all mankind,” it said. “Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too.”
According to security firm Flashpoint, malware known as Mirai has been exploiting the products from Xiongmai to launch massive distributed denial-of-service attacks, including the one on Oct 21 that slowed access to many popular sites, including Netflix, PayPal, and Twitter.
Companies observing the disruption said botnets powered by the Mirai malware were at least partly responsible for the attack.