News broke out that D-Link, the notorious maker of wireless routers have several vulnerabilities that could allow hackers to exploit the devices in their interest, PCmag has reported.
When it comes to the 21st century and the internet of things (IoT) hackers have begun to set their sight on any internet-enabled device, including web cameras. This was exactly the case with D-Link. The company is advertising products with the claiming they are secure and have advanced mechanisms for protection, however there were multiple flaws that were not so difficult to exploit, concerning their routers and IP cameras.
The Federal Trade Commission (FTC) has reported that guest usernames and passwords can be used in a way that allows for a certain individual or a group to gain access to IP cameras.
Another flaw reported was several exploits that can also grand access via an injection of a script or commands directly on those routers’ firmware which can lead to credentials access and other permissions.
But this is nothing new. The D-Link case is only because of a situation that was linked to the discovery of a critical vulnerability in their firmware which allowed any connected camera to the web to be turned on remotely.
This is just one of the many companies whose devices suffered the consequences of the multiple vulnerabilities that were discovered after IoT malware, such as Mirai botnet hit the world last year on a massive scale.
However, where D-Link went wrong is that the company did not properly secure their devices against widely known vulnerabilities.
D-Link has created multiple different IP cameras on their websites including web cameras designed to work with Apple devices.
This is not the first complaint regarding D-Link, primarily because of other related complaints, such as a complaint back in 2013, regarding the home cameras’ security of the company’s models then. Given the ever-increasing usage of these devices, the FTC may have taken this risk towards consumers into consideration which could be the result of this action.
Many feel concerned that these attacks are not the first ones and more massive DDoS and other attacks on IoT devices are to take place in 2017.