Security News > 2020 > March > Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found.
The company, an IP video solution provider, was being targeted by hackers hijacking the company's DVR hardware.
Once commandeered, hackers then planted malware on devices to run botnets Chalubo, FBot and Moobot.
As for the LILIN DVR vulnerability specifics, one is tied to the DRV's NTPDate computer program.
Similar injection vulnerabilities exist within the software's FTP settings that eventually allow remote access to the "/dvr/cmd" interface through hard-coded account passwords.
News URL
Related news
- Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data (source)
- Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor (source)
- Hackers exploit critical RCE flaw in Bricks WordPress site builder (source)
- Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning (source)
- Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware (source)
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware (source)
- Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Hackers exploit Aiohttp bug to find vulnerable networks (source)