• FBI warns over new malware targeting webcams and DVRs

    From TechnologyDaily@1337:1/100 to All on Tuesday, December 17, 2024 14:15:05
    FBI warns over new malware targeting webcams and DVRs

    Date:
    Tue, 17 Dec 2024 14:02:00 +0000

    Description:
    FBI has a warned government agencies to be on their guard.

    FULL STORY ======================================================================The FBI warned about the existence of new HiatusRAT malware The malware can take over devices and grant remote access Hackers are also targeting government
    agencies with it

    A new Remote Access Trojan (RAT) malware has been detected targeting Chinese-branded web cameras and DVRs used in Western companies.

    HiatusRAT, and it allows threat actors to take over and control a targeted device from a distance, says the FBI, which released a new Private Industry Notification (PIN) warning Hiatus operatives most likely kicked off their campaign in July 2022, and were looking to spy on US government
    organizations.

    Cybersecurity companies have also observed these actors using the malware to target a range of Taiwan-based organizations and to carry out reconnaissance against a US government server used for submitting and retrieving defense contract proposals, the PIN says. DVRs and web cams

    The PIN noted the attackers were especially targeting web cameras and DVRs with known vulnerabilities, especially those who reached end-of-life, and those whose vendors are yet to patch the flaws.

    Xiongmai and Hikvision were some of the names mentioned in the PIN, although the wording suggests that there are more vendors whose equipment is being targeted.

    The FBI also said HiatusRAT scanned for IoT devices in the US, Australia, Canada, New Zealand, and the UK, for flaws including CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, CVE-2021-36260. The crooks
    were also looking for devices with weak vendor-supplied passwords.

    To run the scans, the attackers apparently used off-the-shelf, open-source software: They used Ingram a webcam-scanning tool available on Github to conduct scanning activity, the FBI said. And they used Medusa an open-source brute-force authentication cracking tool to target Hikvision cameras with telnet access. Targeted TCP ports have included: 23, 26, 554, 2323, 567,
    5523, 8080, 9530, and 56575. You might also like Another new router malware
    is sniffing around for your login details Here's a list of the best antivirus These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fbi-warns-over-new-malware-targeting-we bcams-and-dvrs


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)