Details are beginning to emerge after Friday’s massive attack against DNS host Dyn, which intermittently shut down sites including Twitter, Amazon, Reddit, and Spotify over a period of eleven hours.
On Friday, a Dyn spokesperson said the company’s services had been attacked via tens of millions of IP addresses in what appeared to be a botnet attack known as Mirai, which uses unsecured or easily accessed Internet of Things devices to power DDOS attacks.
Since then, Chinese company Hangzhou Xiongmai has put out a recall for webcams that appear to have been used widely in the attacks, according to a report by the BBC. The company was pinpointed by security officials as providing much of the hardware used in the attack, and the company’s easy-to-crack default passwords may have made the devices easier for attackers to access.
Xiongmai told the BBC that it rejected the assertion that its devices made up the majority of those in the attack, pointing out that security is a concern for many industry leaders. The company also said that attackers were aided because users had not changed their default passwords, a common practice that creates security risks for IoT devices.
Xiongmai said it will send users a software patch to make existing devices more secure and upgrade its password functions.
