It’s being reported that a malware author by the name of EliteLands is currently building a botnet named “Death” by targeting unpatched AVTech devices. The hacker is using an exploit for these devices that was published back in late 2016. The exploit targets 14 well-known vulnerabilities in the firmware shared by several AVTech device types, such as DVRs, NVRs, IP cameras, and more. These older firmware versions expose AVTech device passwords in cleartext and allow an unauthenticated attacker to add users to existing devices.
Nadav Avital, Threat Research Manager at Imperva:
“This is not the first (or last) botnet abusing the poor security standards in a lot of IoT devices. The problem is that despite all those attacks, many of these devices still remain unpatched and unprotected.
IoT devices suffer from two inherent problems that make them more susceptible to hacking. First, they are designed and built with little to no security in mind; IoT vendors prefer simplicity and usability over security. The second problem is that IoT devices are difficult to patch, and owners are usually neither technology nor security oriented, making them less likely to update their devices.”