These webcams are now being recalled after last week's massive web outage

Change those default passwords

A company that makes webcams used in a cyber attack that led to a massive web outage  last week is recalling the connected cameras. 

Friday's attack saw some of the biggest players on the internet - Twitter, Reddit, Spotify, and Netflix, to name a few - go down as the result of a distributed denial of service (DDoS) attack on Dyn, a domain name system provider (DNS). 

Chinese electronics firm Hangzhou Xiongmai is recalling webcams in the US after the home cameras were identified as being soldiers in the assault, according to the BBC. The cameras still had their default passwords set, the company said, making them easy targets for hacking. 

With the help of two other firms, Dyn confirmed the attack was launched at least in part by Internet of Things devices, such as Hangzhou Xiongmai's webcams, that belong to a network of bots infected with a malware called Mirai. 

Mirai, according to cyber crime and security expert Brian Krebs, targets vulnerable IoT products that still have factory default or hard-coded usernames and passwords.

Once infected, the IoT devices can be used to overwhelm their mark with malicious traffic, bringing sites tied to the DNS down with it. 

Total recall

The recall specifically focuses on the circuitry and components produced by Hangzhou Xiongmai for the webcams, as noted by the BBC. 

We've asked the firm for more details on the recall, including what customers can do now, but haven't heard back yet. The company does plan on sending out a software patch to help strengthen its products against future attack. 

What's more, Hangzhou Xiongmai said it intends to improve its use of passwords, a move that ideally steals its cameras against future botnet infiltration.

This is the first device recall we've heard word of since Friday's attack, though infected webcams aren't wholly to blame - security firm Flashpoint confirmed some of the devices used were DVRs. 

Now that we've seen how destructive turning the connected devices in our homes against the web can be, hopefully more firms take steps to shore up security. Otherwise, we're likely in for many more attacks like last week's that cripple the internet. 

While we have you, it might be a good idea to change any default passwords you have on your devices. Just in case.  

ABOUT THE AUTHOR

Michelle is the Senior News Editor for TechRadar, based in the Bay Area. Covering all things tech, Michelle is obsessed with good handsets, smart machines and self-driving cars. With an eye on every corner of the industry, Michelle aims to bring readers the most useful and entertaining bits about the tech they love.