Over 100,000 internet-connected cameras may be falling prey to a new IoT
malware that’s spreading through recently disclosed vulnerabilities in
the products.
The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a security researcher reported back in March.
The researcher, Pierre Kim, found that the vulnerabilities can allow an attacker to remotely execute code on the cameras, effectively hijacking them.
“It goes to show that the people behind this are probably more aware of how to use these vulnerabilities,” said Jon Clay, Trend Micro’s director of global threat communications.
The security firm estimates that about 120,000 cameras are vulnerable to the malware, based on Shodan, a search engine for internet-connected hardware.
The Persirai malware is infecting the cameras to form a botnet, or an army of enslaved computers. These botnets can launch DDoS attacks, which can overwhelm websites with internet traffic, forcing them offline. Persirai lifts certain functions Mirai relies on to scan the internet for new devices to infect
