Very nasty Dlink malware
  • Admittedly, I have been using old firmware, but my DCS930 and DCS5030 were both compromised, even behind a firewall. I had not blocked their connections to MyDlink, and they were exploited (presumably through the stack overflow method.). New firmware was installed. The cameras continued to function, and did not appear to be being watched for video. (I Have Untangle firewall). What they did was set up a second private 10. network on Wifi, and acted as DHCP servers. They set themselves up as the gateway, and tried to man in the middle any device that accepted them. They also got them to join their own multicast group. Restore to factory settings worked for a while, but then they started up again. There are updated firmware versions since 2018 that supposedly fix it. I fixed it with a large staff with a glass break on the end. DLINK is dead to me. Imagine what they could do with a hacked Router!
  • Wow, that sounds like quite a determined hack, especially as the cameras were behind a firewall, presumably with no exposure to the Internet via port forwarding. Thanks for sharing your experiences. Cameras can indeed be weak points in terms of security, especially cameras that are running old firmware.

    The best way for user to protect themselves from this sort of thing is to segregate cameras on their own LAN with no connection to the Internet. This does however require some additional hardware and setup steps.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!