30 C
Jaipur
Friday, October 30, 2020

P2P Software Flaw let Hackers to Hijack 2 Million IoT Devices Remotely

Must read

Global Tablet Shipments Grew 25% in Q3 2020 as Apple Retained its Lead at the Top: IDC

Global tablet shipments increased 24.9% YoY in Q3, 2020, hitting 47.6 million units, according to preliminary data from the International Data Corporation (IDC). The...

How to Schedule Emails in Apple Mail with Automator on Mac

While Apple Mail has got the bases covered to be a reliable email app, it lacks many pro features. One of the important features...

A serious security flaw uncovered in iLnkP2P, a peer-to-peer (P2P) communications software component lets hackers hijack and gain access to nearly 2 million IoT Devices and control them remotely.

Peer-to-peer communication technology helps users to connect to their devices at the moment they come online which allows attackers to exploit the IoT devices such as security camera and control it remotely.

A peer-to-peer software component iLnkP2P developed by Shenzhen Yunni Technology, a Chinese based company and this component deployed in millions of Internet of Things (IoT) devices.

iLnkP2P bundled in security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders and the security flaw allows attackers to eavesdrop, password theft, and possibly remote compromise.

Paul Marrapese, a researcher who discovered the flaw said that the vulnerability affected the 2 million IoT devices around the world those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, Eye Sight, and HVCAM.

According to the Researcher, Affected devices use a component called iLnkP2P. Unfortunately, iLnkP2P is used by hundreds of other brands as well, making identification of vulnerable devices difficult.

Learn : Mastering the Security of the Internet of Things Course

Discovering the Vulnerable IoT Devices

There are specific serial number known as a UID that looks like (FFFF-123456-ABCDE )can be used to identify this vulnerable device.

The researcher said that each ID begins with a unique alphabetic prefix that identifies which manufacturer produced the device, in this case, many of the companies that white-label the iLnkP2P software.

IOT Devices

Following Prefix contain devices are vulnerable that while labeled in millions of IoT devices but it’s not limited.

AID AJT AVA BSIP CAM
CPTCAM CTW DFT DFZ DYNE
EEEE ELSA ESN ESS EST
FFFF GCMN GGGG GKW HDT
HHHH HRXJ HVC HWAA HZD
HZDA HZDB HZDC HZDN HZDX
HZDY HZDZ IIII IPC ISRP
JWEV KSC MCI MCIHD MDI
MDIHD MEG MEYE MGA MGW
MIC MICHD MMMM MSE MSEHD
MSI MSIHD MTE MTEHD MUI
MUIHD NIP NIPHD NPC NTP
OBJ OPCS OPMS PAR PARC
PCS PHP PIO PIPCAM PIX
PNP PSD PTP QHSV ROSS
SID SIP SXH TIO TSD
UID VIO VSTD VSTF WBT
WBTHD WNS WNSC WXH WXO
XDBL XTST ZES ZLD ZSKJ
ZZZZ

HiChip — a Chinese IoT vendor alone manufactured devices for nearly half of the vulnerable devices that uses the prefixes FFFF, GGGG, HHHH, IIII, MMMM, ZZZZ.

Marrapese said to Kerbs, “a proof-of-concept script he built identified more than two million vulnerable devices around the globe (see map above). He found that 39 percent of the vulnerable IoT things were in China; another 19 percent are located in Europe; seven percent of them are in use in the United States.”

He also developed a proof-of-concept that allows stealing the passwords from devices by abusing their built-in “heartbeat” feature.

A Heartbeat future that built-in with the iLnkP2P sends to “yes I’m here” to their preconfigured P2P servers regularly and waiting for the response and further instructions.

He attempts to notify China’s CERT, iLnk and a half dozen major vendors whose products make up the bulk of the affected devices, none of them have responded to his reports

These are two CVE that we need to point out here ,

  • CVE-2019-11219 refers to an enumeration vulnerability in iLnkP2P that allows attackers to rapidly discover devices that are online.
  • CVE-2019-11220 refers to an authentication vulnerability in iLnkP2P that allows attackers to intercept connections to devices and perform man-in-the-middle attacks and control the device remotely.

Download Free E-book to learn about complete Enterprise Security Implementation & Mitigation Steps – Download Free-Ebook Here.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Global Tablet Shipments Grew 25% in Q3 2020 as Apple Retained its Lead at the Top: IDC

Global tablet shipments increased 24.9% YoY in Q3, 2020, hitting 47.6 million units, according to preliminary data from the International Data Corporation (IDC). The...

How to Schedule Emails in Apple Mail with Automator on Mac

While Apple Mail has got the bases covered to be a reliable email app, it lacks many pro features. One of the important features...

Intel Reveals Details on the 11th-gen Rocket Lake Desktop Processors

Earlier this year, Intel unveiled its 11th-gen line-up of laptop processors complete with a new Intel logo and other changes. Today, the company is...