- 185,000+ IoT security cameras are vulnerable to a new worm Persirai is a new strain of Internet of Things malware that infects more than 1,250 models of security camera, all manufactured by an unnamed Chinese manufacturer that has sold at least 185,000 units worldwide.
- The vulnerability the malware exploits was discovered and documented by Pierre Kim, an independent security researcher, who has located at least 185,000 vulnerable devices using the Shodan search engine.
- The cameras are “overall badly designed with a lot of vulnerabilities” and are sold as “white-label” goods that other companies can brand and sell under a variety of model numbers (this is common with Internet-of-Shit devices, like the insecure PVRs used by criminals to monitor CCTVs in order to plan robberies).
- Persirai alters infected devices to prevent them from being infected by competing strains of malware — this may also offer some protection against the vigilante worms (like Brickerbot) that unknown parties have fielded to infect and permanently shut down vulnerability devices.
- New IoT malware targets 100,000 IP cameras via known flaw [Michael Kan/CSO Online] Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server [Pierre Kim/IT Security Research by Pierre]
@doctorow: “185,000+ IoT security cameras are vulnerable to a new worm” open tweet »