Chinese company recalls cameras after massive cyberattacks

Xiongmai denies allegations that its products played a large role in the massive DDoS attack last week and says it will recall the cameras as a part of its “social responsibility.”

Photo by: AP
Photo by: AP

The surveillance cameras were among the internet-enabled devices which were used in the cyberattack that brought down Twitter, Spotify and other popular services.

Chinese electronic marker, Hangzhou Xiongmai Technology Co, said it will recall around 10,000 webcams sold in US market after they played a key role along with other internet-enabled devices in Frida's devastating cyber attack. 

Suspected hackers targeted the US based Dyn Internet performance management company on Friday, hitting its server infrastructure by a Distributed Denial of Service (DDoS) attack.

The attack temporarily blocked several popular sites such as Reddit, Twitter, PayPal, Netflix and Spotify through smart home devices, including those made by the China-based company.

Xiongmai announced on Monday, they would recall the cameras as a part of its “social responsibility.”

The manufacturer said the password function of the products will be strengthened and sent back to the users. It also added that the biggest issue which the users faced is the unchangeable default password.

In a statement, the company denied the allegations that its products had played a large role in the massive attack.

"Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too," it said.   

The US Department of Homeland Security (DHS) said it had discussed the attacks in a conference call with 18 major communications service providers and was working to develop a new set of "strategic principles" for securing internet-connected devices.

White House spokesman Josh Earnest said he has no information about who are responsible for the disruption. 

A collective hacker group,called as New World Hackers claimed on Twitter that they were behind the attack.

“We didn’t do this to attract federal agents, only test power,” two collective members of the group who identified themselves as “Prophet” and “Zain” told Associated Press via Twitter direct message exchange.

They also claimed that 10 members of the group participated in the attack. The claim has not been verified yet.

“Internet of things” devices are vulnerable to resist cyber-attacks

The DDOS attacks have become very popular in recent months following the common usage of the  Smart” internet-connected devices also known as  “Internet of Things” (IoT).

Even those devices make things easier by connecting everything from your fridge to toast maker, they are under risk through bad security practices, experts says.

Users are not allowed to install a firewall on the devices due to a lack of capacity.

Liu Yuexin, Xiongmai's marketing director, said the company would recall the first few batches of surveillance cameras made in 2014 that monitor rooms or shops for personal, rather than industrial, use.

Xiongmai had now fixed loopholes in earlier products, prompting users to change default passwords and block telnet access, Liu said.

He declined to give an exact number of vulnerable devices, but estimated it at fewer than 10,000.

Xiongmai devices were unlikely to suffer similar attacks in China and elsewhere outside the United States, where they are typically used in more secure industrial networks, Liu said.

"Most of our products in China are industrial devices used within a closed intranet only," Liu said. "Those in the US are consumer devices exposed in the public domain."


TRTWorld and agencies