
CCTV Botnet in Our Own Back Yard - prostoalex
https://www.incapsula.com/blog/cctv-ddos-botnet-back-yard.html
======
rmdoss
Does anyone know how much computing power these cameras have? I would assume
if someone has a botnet with thousands of cameras they would use for something
better (and more lucrative) than just ddos...

* * A bit off topic, but incapsula is a great product if you are looking for a cloudflare substitute. I am actually surprised they not more popular, since product-wise, they seem better.

------
yaur
Based on the strings output, I'm guessing that these are Hikvision DVRs.
Another problem with these things is that you can only set the admin/root
password to a numeric pin through the normal UI and if you use passwd to
change it to something reasonable it becomes impossible to log in through the
normal UI.

Also most users have no idea what telnet is or that there DVR is running it.
These things should really be put on an isolated network/VLAN, but again their
target customers typically have no idea about those things.

