Last Friday, a massive Distributed Denial of Service (DDoS) attack took down several major internet sites. It is now believed that Chinese electronics component manufacturer, Hangzhou Xiongmai Technology, a vendor behind internet-connected cameras and DVRs, may have played an inadvertent role in the attack.
It has been found that weak default passwords in the company’s products allowed malware called Mirai to infect the devices. This, in turn, created botnets which slowed or prevented access to sites such as Twitter, Spotify, PayPal and others. Although newer versions of the products require users to create new passwords when using them for the first time, older versions may still be vulnerable.
Dyn, the DNS service provider targeted in the assault, say that the botnets from Mirai malware were at least partly responsible for the downtime. It is the same Malware that took down the website of Brian Krebs, a well-known cybersecurity reporter, last month.