Anyone who remembers the Mirai botnet, used to cause widespread internet outages in 2016, might have been forgiven for thinking progress had been made to prevent a similar disaster. But a mysterious botnet, dubbed the “IoT Reaper,” has ballooned in recent days by taking advantage of the same vulnerable, internet-connected cameras as Mirai did. And as cybersecurity experts warn the Reaper could be a bigger threat than its forbears, Forbes has seen firsthand how hacking a CCTV camera can be used not just for web destruction, but Ocean’s 11-style machinations.
In a demonstration hack, Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, abused a flaw in cameras containing code from Chinese manufacturer Dahua. That company’s software can be found, and possibly tampered with, in just over 400,000 devices, as shown on the IoT search engine Shodan. In seconds, Galloway’s exploit allowed her to quickly switch out the real feed for another. It’s not hard to imagine high-tech heists being made significantly easier with such a quick and dirty hack of a CCTV camera.
To read the original articile: https://www.forbes.com/sites/thomasbrewster/2017/10/23/reaper-botnet-hacking-iot-cctv-iot-cctv-cameras/#4083ba3c38f7