Recent content by pc1

  1. pc1

    MyCommerce/Digital River meltdown

    Something else to keep in mind with credit card purchases like this: I've always used the "virtual card" feature that my Visa offers, so that I can choose to lock that card to prevent any automatic future payments (i.e. auto-renewals). I did that in this case so that Ecommerce/DigitalRiver can't...
  2. pc1

    MyCommerce/Digital River meltdown

    On 2024-08-10 I purchased a copy of Blue Iris for a new build I was doing, it was purchased via Amazon, Amcrest store (https://www.amazon.com/gp/product/B07TS9N4RM). Is it correct to assume that this transaction was not affected by the MyCommerce/DigitalRiver scam?
  3. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    It's been over a month, any updates from their cybersecurity team, and/or McAfee?
  4. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    Thanks EMPIRETECANDY for confirming that the plugin is built-in (i.e. a firmware update will have no effect on it), and that the functionality of the camera's "sophisticated settings" is dependent on installing the plugin. Regarding your McAfee comment, it does not appear to relate to the...
  5. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    Here's another threat analysis https://hybrid-analysis.com/sample/469705fb3df80c89c67927f4d07e0b3a22ce19811272e86789c18e26e35a8add?environmentId=160 I've also anonymously submitted the plugin to CISA's new next-gen analysis (Malware Next-Generation Analysis | CISA). If any U.S. citizen here...
  6. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    You're implying awareness that the firmware and plugin are separate, I'm curious as to how you determined that? A careful and simple step when evaluating a camera is to download the firmware from the vendor support site, and check it. Then, even if the camera claims it has the same version...
  7. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    No worries. However the issue is not whether it's possible to get the plugin to safely enable features, the higher level concern is that the plugin as provided to the general user base includes a high risk component. The camera model is stated in the title of this thread, IPC-Color4K-T...
  8. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    1: Please check the sha256 hash of your ITC413 plugin. If it's not 469705fb3df80c89c67927f4d07e0b3a22ce19811272e86789c18e26e35a8add, it's not the same plugin as used in the IPC-Color4K-T 2: see post 18 3: see post 11
  9. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    1: See attached pdf file, listing the contents of the extracted plugin. Please advise which file(s) you identify as the actual plugin, and how you would install it. 2: The plugin is apparently required for some of the advanced useful features to function. (post 21)
  10. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    FYI, I've separately pinged Empire Tech and the Amazon seller, asking them to comment on the situation. If/when they respond I'll post it in this thread.
  11. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    My isolated testing environment always starts with a clean OS image; the chance of something else on the computer as an infection source is highly unlikely.
  12. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    Thanks, I understand that some vendors on VirusTotal are less rigorous and will generate a false positive based on loose heuristics. I've seen other webplugins from various cameras with a few low confidence VirusTotal hits, and they're fine. This one however lights up way too many vendor...
  13. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    The browser is Chrome Version 122.0.6261.129 (Official Build) (64-bit), Win10 Pro current update. I also have many other cams (Amcrest) that display fine in Chrome without a plugin, however this camera has a jittery display in Chrome, and it then prompts the user to download and install the...
  14. pc1

    Malware in EmpireTech IPC-Color4K-T webplugin.exe

    I recently bought this camera from Amazon, new condition and sold by "EmpireTech-Andy". I set up the camera in an isolated environment, and during setup the camera prompts you to download (from the camera's embedded firmware) the webplugin.exe file to enable viewing imaging in a browser. After...
  15. pc1

    Admin interface won't start after app hang/close.

    I may have resolved this myself, I'll describe it here in the chance others may find it useful. I manually stopped the BlueIris service, then I could successfully launch the BI admin console. The BI service also then restarted automatically.