IPVM - -Hacked Hikvision IP Camera Map

Joined
Nov 4, 2017
Messages
6
Reaction score
9
Location
US
Some of the bullet points under "Users should consider the following lessons" are Timely update your device's firmware, and Do not port forward your devices. This should for the most part should sum up why they get hacked. The back door wasn't broken, it was already open.
 

aristobrat

IPCT Contributor
Joined
Dec 5, 2016
Messages
2,982
Reaction score
3,180
Being able to see an image from each of the cameras really makes the point...
 

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
Some people have nice houses inside and some are a mess. Some kindly soul left a message on this camera-

upload_2017-12-19_14-21-39.png
 

Fastb

Known around here
Joined
Feb 9, 2016
Messages
1,342
Reaction score
934
Location
Seattle, Wa
Some kindly soul left a message on this camera-
Kawboy, if you're referring to the "Hacked" message at lower right, I believe all the red flags will have "hacked" in the cam image. The yellow flags are for "vulnerable" hik cams.

Says the ipvm article:
"The interactive map below shows a sample of hacked and vulnerable Hikvision IP cameras across the USA."
and
"There are ~1,800 yellow markers for vulnerable cameras, and ~600 red markers for "HACKED" cameras (note in some cases, the OSD text is disabled, so while the camera name has been altered, it may not be shown in the image)."

Fastb
 

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
I noticed that part after clicking on a bunch of flags. Took me a dozen-ish clicks to figure out that red meant hacked and then afterwards read the description of the balloon colours.

edit- Directions? We don't need no steenkin' directions!
 
Last edited:

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
They filtered for US only locations, and for some reason only Hik-branded cameras rather than rebranded Hiks. No sense blaming Hikvision for the sins of their partners I guess? It's the parent company's faulty firmware though, so whatever...
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
They filtered for US only locations, and for some reason only Hik-branded cameras rather than rebranded Hiks. No sense blaming Hikvision for the sins of their partners I guess? It's the parent company's faulty firmware though, so whatever...
Its explained in the comments, it added lots of clutter to the map...point is made with hikvision alone and the article mentions that the result would have been over 5k if the 80+ hikvision OEM brands were added...
 

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
I saw that. Still, clutter doesn't matter when you zoom in. As for any unmentioned reasons for not outing US-based companies when it took time and effort to remove them? I suspect that as a lawyer you might be able to guess at least one. They made their point in a way least likely to get them sued, although I'm sure some end users of rebrands would prefer to find out that their cams are vulnerable and fix them.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
I saw that. Still, clutter doesn't matter when you zoom in. As for any unmentioned reasons for not outing US-based companies when it took time and effort to remove them? I suspect that as a lawyer you might be able to guess at least one. They made their point in a way least likely to get them sued, although I'm sure some end users of rebrands would prefer to find out that their cams are vulnerable and fix them.
It has nothing to do with lawsuits...hikvision nor any of the other rebrands have ANY basis for a claim. The article clearly states
OEMs Add more
This map shows only Hikvision-branded cameras, if OEMs are included (see 80+ Hikvision OEM Directory), the map would have 5,000+ points in the US alone.
There is a freaking LINK to all the other rebrands.
Edit: Your logic is also flawed...assuming arguendo there was a basis for a lawsuit, hikvsion could sue them in US courts even if they did not have a presence in the US, which they do.
 

Fastb

Known around here
Joined
Feb 9, 2016
Messages
1,342
Reaction score
934
Location
Seattle, Wa
Kawboy,
Interesting comment. Yes, rebrands were scrubbed from the map, diminishing the visual impact.
Instead of an interactive with ALL hik manufactured cams, a non-interactive jpg might have graphically shown the extent of "vulnerable" and "hacked" systems.

I drilled down to the Seattle area, and looked at the 10 or so locations posted. I was surprised it was so few. I didn't read the article closely enough - a graphic may have caught my attention,, though....
 

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
It would, however, reduce the number of potential hotheads, yes?
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
Kawboy,
Interesting comment. Yes, rebrands were scrubbed from the map, diminishing the visual impact.
Instead of an interactive with ALL hik manufactured cams, a non-interactive jpg might have graphically shown the extent of "vulnerable" and "hacked" systems.

I drilled down to the Seattle area, and looked at the 10 or so locations posted. I was surprised it was so few. I didn't read the article closely enough - a graphic may have caught my attention,, though....
This vulnerability only affects cameras directly exposed to the net, not behind vms and or NVR's...additionally by the time this scan was done, many of these cameras were either offline or repaired...most folks would call their installer or take action if "hacked" appears on their feed. The map also relies on Shodan which may have not caught everything..
 
Last edited:

Kawboy12R

Known around here
Joined
Nov 18, 2014
Messages
1,771
Reaction score
609
The less shit disturbed, especially with inflammatory evidence like pics from cameras exposed, the less likely that someone is going to react negatively. Even if it's not IPVM that would take much direct heat, I'd expect that if a group of people, even a small group, or even just a lawyer looking to drum up business, thought that a company would sell consumers cameras, port forward them, and not advise them that they'd been made vulnerable that there's the possibility of a class action lawsuit. US rebranders and/or larger installers would probably stand to lose the most from this. Hikvision just sees flaws and fallout like this as a PR problem that might affect future marketing rather than something to feel guilt over or, gasp, really try and prevent in the future.

I also realize that many of these affected cameras running old unpatched firmware may be unupgradable cheapos bought on the grey market from AliExpress and therefore would have no official standing. Bought as is, where is- buyer beware.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
The less shit disturbed, especially with inflammatory evidence like pics from cameras exposed, the less likely that someone is going to react negatively. Even if it's not IPVM that would take much direct heat, I'd expect that if a group of people, even a small group, or even just a lawyer looking to drum up business, thought that a company would sell consumers cameras, port forward them, and not advise them that they'd been made vulnerable that there's the possibility of a class action lawsuit. US rebranders and/or larger installers would probably stand to lose the most from this. Hikvision just sees flaws and fallout like this as a PR problem that might affect future marketing rather than something to feel guilt over or, gasp, really try and prevent in the future.

I also realize that many of these affected cameras running old unpatched firmware may be unupgradable cheapos bought on the grey market from AliExpress and therefore would have no official standing. Bought as is, where is- buyer beware.
So now you think he's protecting us based oems? Why? Posted direct links to those oem... He could have locked the entire post... your logic is once again flawed...
 
Top