Menu
What's new

Hikvision Hack

Cacciato

Cacciato

n3wb
Joined
Sep 25, 2017
Messages
2
Reaction score
1
Hello, I'm looking for some advice. I have several grey box Hikvision 2032's. A few days ago one went offline after a year. I found the IP back to default so I reset the camera and brought it back online. Today I found the camera video darker than normal and when I brought it up I found the camera name had been changed to "HACKED". Each camera has the default Admin account but all camera's have a fairly difficult password. I've changed all passwords again to an even more difficult password but not sure that is protecting me if there is some backdoor. I disabled the camera in BlueIris and unplugged it. Upgrading to the latest firmware is not possible since most of the camera's are chinese. Also, when I adjust the brightness of the camera back to 50% it gets reset to 0. It would seem to me the person or persons that hacked this camera wanted me to know since they changed the camera name and change the brightness of the camera. Any thoughts.
Thanks,
 
Mike A.

Mike A.

Known around here
Joined
May 6, 2017
Messages
3,828
Reaction score
6,387
See here:

Backdoor found in Hikvision cameras

Changing the password won't help. It bypasses that. Need to stop the port forwarding to that and other cameras and BI assuming that's how you're set up. You were fortunate that they were relatively 'nice' about it. Take it as an opportunity to switch over to VPN without having had to go through a harder lesson.
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,902
Reaction score
21,274
Cacciato said:
Hello, I'm looking for some advice. I have several grey box Hikvision 2032's. A few days ago one went offline after a year. I found the IP back to default so I reset the camera and brought it back online. Today I found the camera video darker than normal and when I brought it up I found the camera name had been changed to "HACKED". Each camera has the default Admin account but all camera's have a fairly difficult password. I've changed all passwords again to an even more difficult password but not sure that is protecting me if there is some backdoor. I disabled the camera in BlueIris and unplugged it. Upgrading to the latest firmware is not possible since most of the camera's are chinese. Also, when I adjust the brightness of the camera back to 50% it gets reset to 0. It would seem to me the person or persons that hacked this camera wanted me to know since they changed the camera name and change the brightness of the camera. Any thoughts.
Thanks,
Click to expand...
your mistake was port forwarding/upnp the cameras...ZERO need to do that with blue iris...disable upnp on cam and router....disable all camera port forwards.
 
You must log in or register to reply here.
Top