Hacked DAHUA cam and added that names

I also had a AMDVTENL16-S5 16 Channel NVR Dahua on the same network at the cameras. I did not have p2p enabled on that, it doesn't have any extra users added to it. On a side note, while documenting my camera network (ip, model, mac address) I found this NVR on the network I forgot about which was causing my cameras to change their encoding to H265 instead of H264, causing BI to use a lot of CPU time.

Dahua DHI-NVR4116-4KS2/L NVR, 80Mbps/80Mbps (16-Channel Ip Video Inputs)​

I bought this because of the price. I tested it, and would not recommend it to anyone. You can only view 4 cameras at a time on web, a lot of camera disconnect and have to manually be reset.

Yeah, a 16 channel NVR with only 80Mbps bandwidth is robbery. That is way too low.
 
I have a theory, hunch if you will, that the “P2P” hacks mentioned by the OP originated with SmartPSS

I can’t prove it yet, but there seem to be suspicious coincidences with this and the recent abrupt discontinuation of SmartPSS and urgency to switch to SmartPSS Lite, along with disconnecting some older European P2P servers

As someone who ran SmartPSS for many years, typically all day, I recall various issues with bandwidth hogging and huge numbers of connections on some versions. I wasn’t running P2P at the time.

Lite doesn’t seem to have those same issues.

I’ve communicated with 3 users who supposedly were “hacked” and all 3 ran older versions of SmartPSS
 
I have a theory, hunch if you will, that the “P2P” hacks mentioned by the OP originated with SmartPSS

I can’t prove it yet, but there seem to be suspicious coincidences with this and the recent abrupt discontinuation of SmartPSS and urgency to switch to SmartPSS Lite, along with disconnecting some older European P2P servers

As someone who ran SmartPSS for many years, typically all day, I recall various issues with bandwidth hogging and huge numbers of connections on some versions. I wasn’t running P2P at the time.

Lite doesn’t seem to have those same issues.

I’ve communicated with 3 users who supposedly were “hacked” and all 3 ran older versions of SmartPSS

Make it 4 ;):lmao::banghead::(
 
  • Like
Reactions: bigredfish
On one of the networks I help maintain UPNP got enabled somehow on the router and two of the Dahua cameras had a bunch of usernames added to them. Is it just a matter of deleting the user, disabling all of the systems services besides Onvif (using blue iris for NVR), changing the admin password on the camera, disable p2p, disabling UPNP on the router and blocking outbound internet from the cameras besides NTP traffic? Any other holes get opened that people are aware of? Thanks

1748761937449.png
 
Personally if your system has been Hacked then you will want to Reset the cameras and anything they are connected to.. Making sure to change the Passowrrd that you used for all devices and make sure that UPnP isn't enabled on all devices and to even make sure that it can't be enabled by accident I would disable UPnP in the Router so that it will not even allow devices to setup.. That is how I have my Router setup and the picture below is how I have my cameras setup the ones that are connected to NVRs POE ports don't matter in most cases but the ones that are connected to my Local Network and access the Internet for P2P service and or for sending Emails on events..
 

Attachments

  • Screenshot (454).png
    Screenshot (454).png
    109.2 KB · Views: 0
On one of the networks I help maintain UPNP got enabled somehow on the router and two of the Dahua cameras had a bunch of usernames added to them. ........... Any other holes get opened that people are aware of?
Disable uPNP not only in the router but also in the camera when provided.