A few months ago, a loophole was discovered in the firmware of some of the recording equipment manufactured by Dahua. This loophole, in the less recent versions, could potentially be used to access and install malicious software, especially in those recorders which still use the default username and password or where the new password is way too simple.

cabecera coaxial

As a result, the manufacturer launched a series of new firmware for all compromised devices, thereby solving the problem by updating the recorders to a new version of firmware and changing the passwords to less predictable ones.

In addition, advice and procedures were published to assist in avoiding such events. See this link for more information.

At the beginning of July 2017, a new attack was detected, this time affecting devices with a non-current firmware and also taking advantage of the more uncomplicated passwords. The result of this new attack is far more visual since it replaces the name of each of the recorders video channels with the word Hacked.

5n1

During September 2017 a new wave of this same attack has emerged which is infecting devices which still haven’t had their security measures updated as recommended.

Fortunately, these attacks either have a very simple solution or do not affect, in any way, recording devices distributed by Visiotech.

  • The Safire brand is immune to such attacks thanks to the implementation, at the factory, of specially developed security mechanisms within the firmware to prevent the use of default passwords and as such avoid this type of incident.
  • There are no reports of any effective attack on X-Security recorders largely due to the fact that these already incorporate firmware updates from the factory. We advise that all users to follow the recommendations of always using complex passwords to avoid unwanted access.
  • Branded recorders with up-to-date firmware are not affected, but password security measures should be increased following the advice in the best practice guide and update recorders to the latest firmware versions which are available in the Visiotech Academy
modelos disponibles

In case you have a recorder which has been affected by a malware attack from the Internet, the steps to solve the problem are:

  • Access the recorder and from the Setup section go to > System> Default, and return the recorder to the factory default settings.
  • In case some channels are still showing “Hacked”, then you should go through each of the configuration menus and select the Default option, this will reset that section’s parameters, then press Save.
  • Download from the Visiotech Academy the latest firmware for the recorder model in question and update the recorder from the Configuration section go to > System> Update
  • With the firmware updated and after restarting, return the recorder again to the factory default settings.
  • Set a non-predictable password for all users, ensure that this has sufficient length (at least 8 characters) and complexity (mix numbers and letters).
  • It is important to repeat the previous step and reset the passwords even for local users (especially the default 888888 non-admin user) and it is also advisable to eliminate any users which will not be used.
  • If your Router has any open IP ports, make sure that they are only the ones which are absolutely necessary. Also modify any default port numbers, especially port 37777.

In the short term, we will incorporate new updated firmware versions for more, potentially vulnerable, models.

5n1

Visiotech recommends you revise the passwords of any device connected to the internet and upgrade these to the latest firmware version. In case you require any additional assistance or information, our Customer Service Centre is available to all Visiotech customers through the usual channels.