Cyberattack Disrupts Krispy Kreme's Online Orders

HiatusRAT Targets Vulnerable Webcams and DVRs

HiatusRAT Malware Targets Outdated Web Cameras and DVRs: FBI Warns Users

Recent reports indicate a surge in cyberattacks involving HiatusRAT malware, particularly aimed at outdated internet-exposed web cameras and DVRs. The FBI has flagged these attacks, which have primarily affected devices manufactured by Hikvision and Xiongmai, since March. This alarming trend raises critical concerns for users and cybersecurity professionals alike.

The HiatusRAT malware exploits vulnerabilities in common devices across several countries, including the U.S., Canada, Australia, New Zealand, and the UK. Attackers are specifically targeting flaws identified in CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, and CVE-2021-36260, as well as devices with default passwords. These vulnerabilities have been further exploited using the open-source brute-force tool, Medusa.

Immediate Action Required: Isolate Affected Devices

In light of these developments, the FBI strongly advises users to take immediate action by isolating any potentially affected devices. This proactive measure is crucial in preventing further compromises. Cybersecurity professionals and system administrators are urged to remain vigilant and report any suspected indicators of compromise.

Understanding the HiatusRAT Threat

Initially discovered by Lumen researchers, HiatusRAT was primarily used for delivering additional malicious payloads. However, it has since evolved into a more sophisticated tool. The malware has been utilized to create a concealed proxy network using DrayTek Vigor VPN routers, spreading its reach across the Americas and Europe.

Key Points to Consider:

  • Targeted Devices: Hikvision and Xiongmai web cameras and DVRs
  • Exploited Vulnerabilities: CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, CVE-2021-36260
  • Brute-force Tool Used: Medusa
  • Affected Regions: U.S., Canada, Australia, New Zealand, UK

Stay Informed and Secure

To safeguard against the HiatusRAT malware, users should ensure that their devices are updated and have strong, unique passwords. It’s essential to stay informed about the latest cybersecurity threats and best practices. For more information on protecting your devices, visit CISA’s Cybersecurity Resources.

If you have experienced any suspicious activity or have concerns about your security, please reach out to your IT department or a cybersecurity expert immediately.

In conclusion, the rise of HiatusRAT malware underscores the importance of securing internet-connected devices. Have you encountered similar threats? Share your thoughts in the comments below and explore our related articles for more insights on cybersecurity strategies.

Share it

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *