Hikvision camera users said that a message appeared on the system screen saying it was hacked, suspecting that it was hacked.
“On the morning of June 25, while watching the camera, I suddenly saw a strange line of text on the display screen, so I was quite confused,” said Manh Tuan ( Nghe An ). He then posted the photo on a Facebook group about security cameras and received attention. Many people said that their cameras, all of the Hikvision brand, also had the same problem.
A camera system at a gas station in Nghe An showed a strange notification on the afternoon of June 25. Photo: Manh Tuan
In the shared images, the left corner of the video displayed from the camera shows the following English text: “Your security camera is vulnerable and may have been exposed. Please fix the problem soon. Do it yourself or contact me.” The message comes with a Telegram account.
There is currently no information on the number of users in Vietnam affected. However, according to the administrator of a security camera forum with more than 60,000 members, topics related to Hikvision cameras with strange messages began appearing in May and are increasing day by day.
Mr. Nguyen Manh Tuan, Director of Tuan Luu Dung Joint Stock Company, specializing in camera solutions in Nghe An, said that recently, he has recorded many incidents from customers related to the above notice, mostly from households. They mainly use old cameras, do not change the default password and have not updated the firmware for a long time.
Not only in Vietnam, Hikvision security camera users in many places around the world also received similar warnings. On Reddit, related topics attracted thousands of interactions, most of which said that the camera displayed the above message.
A strange message on a Hikvision camera in Indonesia. Photo: Jaeden Wiens/LinkedIn
Amidst the confusion, a Reddit user named Faxociety claimed responsibility. He said he had seen many posts on forums and social media about how to access security cameras without permission, so he wanted to “warn people how vulnerable their cameras are.”
According to Mr. Ngo Minh Hieu, a cybersecurity expert from the Anti-Fraud project, the cameras with this information were attacked by hackers through a security flaw that was warned in 2021, codenamed CVE-2021-36260. The vulnerability was rated 9.8/10 - one of the most serious levels ever seen on an IP camera product. At that time, Hikvision admitted that nearly 80 of its camera and recorder models had vulnerabilities.
It is estimated that more than 100 million Hikvision security cameras worldwide, including Vietnam, are affected. Most of the vulnerable products were manufactured in 2016 or earlier. Hikvision then released a patch and recommended that users update immediately to limit the risk of exploitation.
However, according to Mr. Hieu, many people did not pay attention and did not update the firmware for their devices, nor change the default password, making it easy for hackers to penetrate the system and leave notifications.
According to Mr. Tuan, to fix this, users need to log in to each camera and delete the hacker-created message in the OSD (On Screen Display) interface, then change to a stronger password. Next, it is necessary to delete all port forwarding on the router and disable the UPnP network protocol. However, to avoid similar situations from happening, it is necessary to quickly update the firmware to the latest version.
Last year, experts assessed CVE-2021-36260 as a highly dangerous, large-scale security vulnerability that has been exploited multiple times. Hackers can perform remote code execution attacks without authentication, thereby taking full control of the device. According to Security Week, attackers can access ports on the server without a username or password. The system also does not record this access history. In addition, the camera can also be exploited to attack the user's internal network if it is connected to the network.
Hikvision was founded in 2001 in Zhejiang (China). According to statistics from market research firm IHS Markit, by 2020, Hikvision was the world's largest surveillance camera company, accounting for 38% of the global market share. The company's products focus on AI, serving the construction of smart cities.
Hikvision has been present in the Vietnamese market for many years, providing a variety of products for image surveillance, including security cameras, traffic cameras, thermal cameras, storage recorders, alarm systems, doorbells with screens... In which, the most popular are models with prices ranging from 600,000 to 1.2 million VND. Not only popular in families, these products are also installed in many businesses and projects in Vietnam.
According to Bao Lam/VNE
Source
Comment (0)