Hacked Internet of Things Database

Last Update: February 7, 2017

More and more gadgets for the home are connected to the Internet for additional functionality. Refrigerators to Thermostats to Door Locks, the list is never ending. Do not forget about security. You may have created an open door for hackers, become part of an evil Botnet, or illegal activity without your knowledge.

A vulnerable webcam can give ANYONE on the Internet a view of your home. Secure these home gadgets as strongly as possible. Many can NEVER be updated, which means that you should discontinue their usage.

Turn off uPNP on your router to prevent ports from being opened up to access IOT devices.

Even the NSA is loving the rise of all these IOT devices to let them hack more easily. CCTV cameras were involved in a DDoS attacks, taking down small businesses who did not pay ransom.

Hacked Internet of Things Insecure Device List

Baby Monitors

Gynoii – Details

iBaby M3S, iBaby M6 – Details

Lens Peek-a-View – Details

Philips In.Sight B120/37 – Details

Summer Baby Zoom Wifi Monitor & Internet Viewing System – Details

TRENDnet WiFi Baby Cam TV-IP743SIC – Details

Home

AuYou Wi-Fi Smart Outlet Switch – Details

Ceomate Bluetooth Smart Doorlock v2.01 – Details

Elecycle EL797 & EL797G Smart Padlock v1.8 – Details

iBluock Padlock 1.9 – Details

Garage doors with no rolling codes – Details

Kwikset – Smartkey locks – Details

Lagute Sciener Smart Doorlock v3.3.0 – Details

LIFX Smart LED Light BulbDetails

Mesh Motion Bitlock Padlock v1.4.9 – Details

Okidokey Smart Doorlock v2.4 – Details

Plantraco Phantomlock v1.6 – Details

Poly Control Danalock Doorlock v3.0.8 – Details

Quicklock Doorlock & Padlock v1.5 – Details

Samsung Smart TVs 2015 – Details

TRANE Comfortlink XL850 – Details

Vians Bluetooth Smart Doorlock v1.1.1 – Details

Kitchen Appliances

Smarter Wi-Fi iKettle – Details

Pets

Dog Training System – Details

Security

Yale Zigbee Doorlock – Details

Toys

Boosted, Revo, Yuneec Electric Skateboards – Details

Cayla Doll – Details

Hello Barbie – Details

iSPY Camera Tank – Details

Vtech Learning Lodge – Details

Webcams – IP Cameras – DVR

This category is a minefield.  Look how many people have their cameras made public on Insecam.com – Stick to a Dropcam or Ring Doorbell camera.

In September 2016 a massive number of IP Cameras and DVRs were hacked and used to DDOS or take off the Internet due to high traffic, websites. Each has a hard coded telnet username and password of root – xc3511 – XiongMai Technologies of Hangzhou, China, created many of these devices that are rebranded by others and sold. If you have one, updated it and change its password immediately.

We would never buy a no-name IP camera from amazon, you are just asking for it.

ACTi IP Camera – default login

ANKO Products DVR – default login

AVTECH IP Ccameras, NVR, DVR – Details

Axis IP Camera – default login – Watch video with no Passwords!

CCTV-DVR – Over 70 different Vendors – Details

D-Link DCS930L, DCS932L – Details

Dahua Camera – default login– Must change default password and update firmware right away – Some have hardcoded backdoor ONVIF password of admin/admin

Dahua IP Camera – default login

Dahua IP Camera HDW4300C – default login

Dahua DVR – default login

Defeway – Watch video with no Passwords

Dreambox TV receiver- default login

Eminent EM6220 – Details

EV ZLX Two-way Speaker

Foscam – different brand names in Europe – Authenticate you with ‘admin’ without requiring password

Guangzhou Juan Optical – default login

Hootoo HT-IP211HP
H.264 – Chinese DVR – Details
HiSilicon IP Camera – Details – Details2
IPX-DDK Network Camera – Details
IQinVision Cameras – Details
IZON – Details
Linksys – Watch video with no Passwords!
Loftek CXS 2200 – Details
Mobotix Network Camera – Details
Packet8 VOIP Phone – Details
Panasonic – Watch video with no Passwords!
Panasonic Printer – Details
Q-See QC-818
Supra Maginon IPC-20 – Details

Netgear Arlo – Details

RaySharp DVRs – Details

Samsung IP Camera – Details

Shenzhen Anran Security Camera – Details

Sony – IPELA Engine IP Cameras – Details

SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL, SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, and SNC-ER521C.

Toshiba Network Camera – Details

VideoIQ – Details

Vivotek IP Camera – Details

Security Researchers have found Security Holes

SmartThings – Details

Sony – Watch video with no Passwords!

TPLink- Watch video with no Passwords!

Universal Plug and Play UPnP – Always turn it off in your router! – Details

Wireless Routers

Sierra LS300, GX400, GX/ES440, GX/ES450, and
RV50 – Must change default password – Details

Motherboards

SuperMicro BMC – Details

General Internet of Things Security Tips

Here are some general tips to secure your devices at home.

Wi-Fi Network Connection

Connect your IOT device such as a Dropcam or Nest Smoke Detector to your Guest Wi-Fi network whenever possible.  This network should be walled off from the normal network, preventing access to all your Computers.  Malicious devices could snoop on your network and quietly send information without your knowledge.

If the Wireless routers guest network is not secure, it is even better to have 3 routers in a Y configuration. You can purchase an inexpensive router that hooks up to your Cable/DSL modem, then have 2 separate wireless routers connected to this device. Put all Internet of Things devices on one of the Y routers. Connect your computers, smartphones, tablets to the other router.

Securing Wearable Technology Fitness Devices

Fitness trackers like the Fitbit, Vivosmart, Jawbone Up, Apple Watch, etc connect via Bluetooth.  Some devices use a fixed Bluetooth MAC address, allow criminals or law enforcement to identify you, wherever you go.

More secure fitness trackers like the Apple Watch protect users against tracking by switching the devices address every 10 minutes.

Look for updates from your fitness device’s website to address this issue. Garmin has issued updates to fix this issue.

Federal Trade Commission Makes Asus Improve Router Security

In February 2016, the Federal Trade Commission settled charges with Asus, over critical security flaws in its routers that put the home networks of hundreds of thousands of consumers at risk.

Finally!, the government is forcing these manufacturers to fix wireless routers that can be come huge security holes. This precedent should cause Internet of Things makers to also fix issues, or be subject to lawsuits.

Conclusion

IOT devices are great, but introduce a new level of complexity and security holes for hackers to break in. Do you worry about getting hacked through your gadgets?

Author: SafeGadget

Teaching users on how to secure their computers and gadgets.

2 thoughts on “Hacked Internet of Things Database”

Leave a Reply