The Mirai virus has long been nesting in surveillance cameras on the corporate network to recruit devices for a botnet. Since the affected cameras are no longer supported, the leak cannot be closed.

As Akamai has discovered, hackers have been actively exploiting a vulnerability in surveillance cameras made by the Taiwanese brand Avtech since March. The cameras are used as a channel to infiltrate the Mirai virus into the connected network. An additional difficulty: the leak can no longer be stopped.

Mirai is a commonly used virus to create “botnets”. Attackers target older, vulnerable devices connected to a network to spread the virus. The vector device can be used to add more devices to the botnet. This botnet is then published on a website to force a DDoS attack.

This security hole in surveillance cameras uses a similar method. The vulnerability is said to be five years old, but seems to have only just been discovered. You can read a detailed technical description on the Akamai blog.

Not patchable

Normally, we recommend patching vulnerable devices as soon as possible. But that will be difficult in this case. The vulnerable AVM1203 surveillance camera is no longer supported by the Taiwanese manufacturer. In other words, the company will have little desire to develop and roll out a patch. Anyone using this type of surveillance camera will have to buy a newer model.

This vulnerability highlights the risks of IoT and smart home devices. Any device you connect to your home or office network can be an open door for intruders if the devices are not properly secured. Keep devices up to date and only buy products from reputable vendors.