Chinese Manufacturer XiongMai Recalls Flawed IP Cameras That Were To Blame In Friday's IoT DDoS Attack

On Friday, DNS provider Dyn was walloped by a massive DDoS botnet attack which slowed down or completely sidelined major websites like Amazon, Twitter, and The New York Times. The attack was carried out using improperly configured Internet of Things (IoT) devices that were zombified by Mirai malware.

In this particular case, however, the majority of the IoT devices used in the botnet were webcams made by China-based XiongMai Technologies. "It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States," said Flashpoint research director Allison Nixon.

With all of the attention be thrust onto XiongMai, the company acknowledged over the weekend that it was an unwitting participant in the Dyn attack. And as a result, it will recall some of its products that cannot be fixed with a firmware update. The company’s IoT products produced after September 2015 are not susceptible to being exploited by malicious parties.


“Mirai is a huge disaster for the 'Internet of Things,'" said a representative for XiongMai in an emailed statement to CNNMoney. "[We] have to admit that our products also suffered from hackers' break-in and illegal use."

XiongMai puts part of the blame on users who failed to change the default password for their devices, thus allowing hackers to easily compromise webcams for use in botnet operations. But the company isn’t citing user ineptitude as a reason to wiggle out of its responsibilities. "Security issues are a problem facing all mankind," said the company. "Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too."

In early October, security researcher Brian Krebs’ popular site was flooded with 620 Gbps of traffic by the Mirai botnet, knocking it offline (and drawing the wrath of his hosting company). Not long after, French hosting provider OVH was pounded with 1 Tbps of traffic which led to service interruptions.

Tags:  botnet, DDoS, mirai, xiongmai