Recent reports online of Hikvision systems being hacked?

[gp116126]

I have seen a number of reports on a Facebook forum that users are being hacked. The hack results in a message appearing on all camera feeds. Photo of one such hack attached. I've not experienced this myself but wondered if it is known to this group.

 

[uvs-300]

https://www.reddit.com/r/homesecurity/comments/13uv03x

 

[gp116126]

https://www.reddit.com/r/homesecurity/comments/13uv03x

Thanks I've seen that. A user posted it on the forum in question. I was just wondering what this forum thought as Dan and the other chaps are pretty hot on these kind of things Would be interested for instance to know in what circumstances systems are vulnerable and whether it is relevant to certain nvrs dvrs, software versions and releases.

Also be interested to know what Hikision say.

Another report just posted now.

 

[JB1970]

I doubt that this would affect any up to date firmware. I'd hazard a guess that most customers that have CCTV installed by others, don't keep their systems firmware up to date and wouldn't contact the installer again unless they experienced an obvious issue such as camera or recorder failure. End users who have installed their own systems (and frequent the forums here and elsewhere) are perhaps a little more aware/tech savvy. They are more likely keep their systems up to date.

There will be a vast amount of systems still out there that still have Hikvision cameras pre 5.2 firmware that used 12345 for the admin password (prior to that firmware, plug and play did not copy the NVR admin password to the cameras - if you wanted a stronger password, the cameras had to be added manually). I guess the t**t who is responsible is just finding those cameras, logging in and adding that message using the text overlay field in the camera.

 

[gp116126]

Thanks a lot JB. Your reply makes perfect sense. Does seem to be the case from reading the relevant threads on the forums that the users affected are not very clued up about their systems.