A company that makes webcams used in a cyber attack that led to a massive web outage (opens in new tab) last week is recalling the connected cameras.
Friday's attack saw some of the biggest players on the internet - Twitter, Reddit, Spotify, and Netflix, to name a few - go down as the result of a distributed denial of service (DDoS) attack on Dyn, a domain name system provider (DNS).
Chinese electronics firm Hangzhou Xiongmai is recalling webcams in the US after the home cameras were identified as being soldiers in the assault, according to the BBC (opens in new tab). The cameras still had their default passwords set, the company said, making them easy targets for hacking.
With the help of two other firms, Dyn confirmed (opens in new tab) the attack was launched at least in part by Internet of Things devices, such as Hangzhou Xiongmai's webcams, that belong to a network of bots infected with a malware called Mirai.
Mirai, according to cyber crime and security expert Brian Krebs (opens in new tab), targets vulnerable IoT products that still have factory default or hard-coded usernames and passwords.
Once infected, the IoT devices can be used to overwhelm their mark with malicious traffic, bringing sites tied to the DNS down with it.
The recall specifically focuses on the circuitry and components produced by Hangzhou Xiongmai for the webcams, as noted by the BBC.
We've asked the firm for more details on the recall, including what customers can do now, but haven't heard back yet. The company does plan on sending out a software patch to help strengthen its products against future attack.
What's more, Hangzhou Xiongmai said it intends to improve its use of passwords, a move that ideally steals its cameras against future botnet infiltration.
This is the first device recall we've heard word of since Friday's attack, though infected webcams aren't wholly to blame - security firm Flashpoint confirmed some of the devices used were DVRs.
Now that we've seen how destructive turning the connected devices in our homes against the web can be, hopefully more firms take steps to shore up security. Otherwise, we're likely in for many more attacks like last week's that cripple the internet.
While we have you, it might be a good idea to change any default passwords you have on your devices. Just in case.
- Here are the best webcams (opens in new tab) around