The Broadband Guide
search advanced
 forgot password?

DDoS attackers use large CCTV botnet for attacks

2016-06-29 16:57 by
Tags: ,


Security company Securi has warned of a new kind of DDoS attack, which involves digital video recorders and CCTV cameras. The company observed the traffic of a jewellery shop website and found out that over 25,000 hacked internet-connected CCTV cameras are being used for a denial-of-service botnet. The DDoS had been generating 35,000 HTTP requests per second.

"It all started with a small bricks and mortar jewellery shop that signed up with us to help protect their site from a DDoS that had taken them down for days. By switching their DNS to the Sucuri Network, we were able to quickly mitigate the attack for them," the company said in a blog post.

"It was a layer 7 attack (HTTP flood) generating close to 35,000 HTTP requests per second which was more than their web servers could handle. Normally, this would be the end of the story. The attack would be mitigated, the attackers would move on after a few hours, and the website owner would be happy.

"It is not new that attackers have been using IoT devices to start their DDoS campaigns. However, we have not analyzed one that leveraged only CCTV devices and was still able to generate this quantity of requests for so long."

Sucuri believes the CCTV devices may have been hacked via the remote code execution (RCE) flaw recently found to affect CCTV-DVR devices sold by some vendors.

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About