A computer security instructor says he’s discovered that hackers have been able to infiltrate standard security cameras and then use that hardware to mine for bitcoin, the anonymous digital cryptocurrency.
Johannes Ullrich, a teacher at the computer security SANS Technology Institute, announced last Friday that he found malicious software on Hikvision digital video recorders (DVRs), which are used to record video from surveillance cameras. The virus seems to spread from device to device onto each machine it connects with on the network in question. Along with replicating, though, it also uses the closed-circuit television operators to mine for bitcoin, sending those profits back to the virus’ creator.
“Analysis of the malware is still ongoing, and any help is appreciated,” Ullrich wrote. “Here are some initial findings: The malware is an ARM Binary, indicating that it is targeting devices, not your typical x86 Linux server. The malware scans for Synology devices exposed on port 500.”
This hack is atypical because malware is generally aimed at Linux and Windows systems, whereas the Hikvision hack victimizes DVRs and even some internet routers. Wired reported that Ullrich has since found the malware running on routers, an indication that the programmers likely wrote a specific worm for operating systems.
“Though this is a novel method, it’s hardly the first time hackers have tried to bust their way into other people’s hardware in order to make some bitcoin, the popular digital currency,” Wired’s Robert McMillan wrote on Tuesday. “The bitcoin system is run by independent machines spread across the globe, and if you contribute processing power to the system, you receive some bitcoin in return. This is called mining, and hackers often seek to mine using any machines they can gain control of – including security camera DVRs.”
However, some cybersecurity experts have wondered why the hackers targeted Hikvision DVRs, which are not equipped with a system capable of working with the specialist graphic cards required to mine for bitcoin, according to Virus Bulletin anti-spam test director Martijn Grooten.