Chinese video surveillance manufacturer, Hangzhou Xiongmai Technology, says its components were inadvertently involved in the massive distributed denial-of-service (DDoS) attack on Oct. 21 that caused unprecedented internet outages across the United States.
Security vulnerabilities involving weak default passwords in its products were partly to blame. Malware known as “Mirai” enslaved IoT devices to form a massive connected network. The devices were then used to bombard websites with requests, overloading the sites and effectively taking them offline.
“Mirai is a huge disaster for the Internet of Things,” says Xiongmai in an email to IDG News Service. “(We) have to admit that our products also suffered from hacker’s break-in and illegal use.”
To stop the Mirai malware, Xiongmai is advising customers to update their product’s firmware and change the default username and passwords to them.