back to article 414,949 D-Link cameras, IoT devices can be hijacked over the net

Shodan has turned up half a million D-Link devices exposed to the internet, and subject to easy hijacking using zero-day vulnerabilities. The stack overflow vulnerabilities affect more than 120 D-Link products, from Wi-Fi cameras to routers and modems, and allow remote attackers to completely hijack the administer account of …

  1. Sebastian A

    So, shall we play a game of "Accidental or intentional"? Was it incompetence or malice? Unfortunately, the end result is much the same for the consumer.

    1. Mark 85

      But until lawsuits get filed and the lawyers sort it out, we'll never know which it is. Still ends up with the same result for customers...

      1. Oengus

        When lawsuits get filed and the lawyers get paid, we still won't know which it really was. Still ends up with the same result for customers...

  2. Anonymous Coward
    Anonymous Coward

    Telescreen prototypes?

    A bit to the right, a bit to the left.....thank you citizen

  3. Anonymous Coward
    Devil

    Your wifi cam is not directly accessible from the internet

    These devices (and I have some myself) are behind firewalls -- so they are not that easy to access unless you are already on the wifi where the device is running.

    However it does make a good scary news story

    1. Mike 125

      Re: Your wifi cam is not directly accessible from the internet

      >>These devices (and I have some myself) are behind firewalls

      And so is your computer, so that's ok then. What *can* everyone be worried about. Beats me.

    2. gyterpena

      Re: Your wifi cam is not directly accessible from the internet

      Unless they support UPnP and you didn't disable it on your router. Then it is possible that your LAN side IP camera instructs your router to forward certain ports to it.

      1. energystar
        Headmaster

        Re: Your wifi cam is not directly accessible from the internet

        UPnP been a mess from the beginning. Disable it at every Service Interface.

        1. choleric

          Re: Your wifi cam is not directly accessible from the internet

          Yep. A little "upnp: not supported" notification on a device that can manage quite well without it is better than a "you've been pwned" notification any day of the week.

    3. JohnG

      Re: Your wifi cam is not directly accessible from the internet

      "These devices (and I have some myself) are behind firewalls -- so they are not that easy to access unless you are already on the wifi where the device is running."

      And the punter follows the manufacturer's instructions so that he or she can view their baby/pet/nanny from work and bob's your uncle, their webcam is exposed to the Internet.

      1. Danny 14

        Re: Your wifi cam is not directly accessible from the internet

        Since the article clearly states that a certain percentage of the affected products ARE on the internet to begin with. Doesnt the article also state routers are affected? So if you bought a router/camera bundle?

      2. razorfishsl

        Re: Your wifi cam is not directly accessible from the internet

        Mouth is open , should be closed Nursey.

        Devices behind firewalls are accessible, its called a reflection attack.

  4. Anonymous Coward
    Anonymous Coward

    This is what happens...

    ...when you allow state sponsored surveillance and outsource your IT to the cheapest offshore code shop

  5. Justicesays

    Sad that

    PC world seems to have more technical information on this issue than this article gives.

    http://www.pcworld.com/article/3092868/code-reuse-exposes-over-120-d-link-devices-models-to-hacking.html

    According to that it's the dcp service, which enables the "mydlink" cloud functionality.

    Listens on port 5978 for those that want to configure their firewalls appropriately.

  6. Marvin O'Gravel Balloon Face

    I've a few of those cheap IP cameras running. Instead of exposing the firmware to the internet I used apache to proxy the static image from the camera, building all the feeds into a single web page which refreshed frequently enough to make it look like a moving picture.

    1. TeeCee Gold badge
      Coat

      That sounds like too much work. Surely it would be simpler to just capture the current still and then, at the other end, hit "refresh" on your browser really, really quickly?

  7. energystar
    Windows

    Embedded Effort never conceived as NETWORKED.

    "Senrio researchers warn of what they describe as the "laughable state" of embedded device security"

    The Embedded Effort never conceived as NETWORKED. These are 'sweet monetization dreams' over once upon a time -reasonable Engineering. Ambition?

  8. NanoMeter

    Search for

    insecam on Google and see how bad it is. I guess people can visit these cams and find a way to log into your network.

  9. Bruce Ordway

    I just assumed

    That all webcams could be hijacked. Why I put tape over the lens.

    1. Seajay#

      Re: I just assumed

      You bought an IP Webcam then put tape over the lens? Wouldn't it be simpler just to not buy it in the first place?

      1. Captain Badmouth

        Re: I just assumed

        It possibly came with a laptop, ready fitted.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like