FBI warns over new malware targeting webcams and DVRs

The FBI warned about the existence of new HiatusRAT malware
The malware can take over devices and grant remote access
Hackers are also targeting government agencies with it

A new Remote Access Trojan (RAT) malware has been detected targeting Chinese-branded web cameras and DVRs used in Western companies.

HiatusRAT, and it allows threat actors to “take over and control a targeted device from a distance”, says the FBI, which released a new Private Industry Notification (PIN) warning Hiatus’ operatives most likely kicked off their campaign in July 2022, and were looking to spy on US government organizations.

“Cybersecurity companies have also observed these actors using the malware to target a range of Taiwan-based organizations and to carry out reconnaissance against a US government server used for submitting and retrieving defense contract proposals,” the PIN says.

DVRs and web cams

The PIN noted the attackers were especially targeting web cameras and DVRs with known vulnerabilities, especially those who reached end-of-life, and those whose vendors are yet to patch the flaws.

Xiongmai and Hikvision were some of the names mentioned in the PIN, although the wording suggests that there are more vendors whose equipment is being targeted.

The FBI also said HiatusRAT scanned for IoT devices in the US, Australia, Canada, New Zealand, and the UK, for flaws including CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, CVE-2021-36260. The crooks were also looking for devices with weak vendor-supplied passwords.

To run the scans, the attackers apparently used off-the-shelf, open-source software: “They used Ingram — a webcam-scanning tool available on Github — to conduct scanning activity,” the FBI said. “And they used Medusa — an open-source brute-force authentication cracking tool — to target Hikvision cameras with telnet access. Targeted TCP ports have included: 23, 26, 554, 2323, 567, 5523, 8080, 9530, and 56575.”

https://cdn.mos.cms.futurecdn.net/kRtHbjAFn8eddN3sLMFXLV-1200-80.jpg

Source link

‘Vanity metrics’ are jeopardizing AI ROI

Why is OpenClaw so popular in China?

Russian iPhone users lose Apple ID payments as Kremlin escalates VPN crackdown

‘We are growing revenue four times faster than the companies who defined the Internet and mobile eras’: OpenAI says it’s making $2 billion a...

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

‘Shrinking’ Season 2 Just Dropped a Bombshell Twist That Changes Everything for Liz and Derek

Resident Evil Reboot Movie Director Zach Cregger Knows the Lore Fans Are Watching

Why Was Megan Thee Stallion Hospitalized After ‘Moulin Rouge’? Updates – Hollywood Life

Cannes: Pierre Salvadori’s ‘The Electric Kiss’ Unveiled As Opening Film

The biggest mistake CEOs make with AI has nothing to do with the technology

Lake Street upgrades Lensar stock rating to buy after merger termination

Down Arrow Button Icon

Form DEF 14A HEXCEL CORPORATION For: 1 April

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

FBI warns over new malware targeting webcams and DVRs

‘Shrinking’ Season 2 Just Dropped a Bombshell Twist That Changes Everything for Liz and Derek

The biggest mistake CEOs make with AI has nothing to do with the technology

‘Vanity metrics’ are jeopardizing AI ROI

Resident Evil Reboot Movie Director Zach Cregger Knows the Lore Fans Are Watching