undefined | Better HN

0 pointsnickthemagicman9y ago0 comments

Wow. That means the same culprits are still out there with their botnet? And it's still growing?

0 comments

The code for it has been released on Github, so there are now likely to be many botnets.

I'm not too sure. I have heard that the attack also fixed the security vulnerability (changing the default root password) after installing the back door so other people cannot use it.

Although the source code is out there, those will not be able to control all those devices.

nerdy9y ago

I'm not sure. Maybe that's the case for the passwords which can be changed via the administrative app but I read many of these are in firmware and not able to be disabled or changed:

“The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint’s Zach Wikholm told KrebsOnSecurity. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present.

- https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powe...

That's not to say it couldn't flash the devices but I don't recall seeing that capability in the Mirai source and haven't read about it doing so.

nickthemagicmanOP9y ago

Lol. Thats insane!

j / k navigate · click thread line to collapse