A Chinese electronics company called Hangzhou Xiongmai Technology is recalling webcams and other devices that were targeted in a distributed denial of service (DDoS) attack on Friday. The attack, which hit the domain name system services company Dyn, prevented millions of users from accessing websites and apps including Twitter and WhatsApp.
According to Reuters, the company issued a statement that said it would “recall some of its earlier products sold in the United States, strengthen password functions and send users a patch for products made before April last year.”
As my colleague Jacob Brogan wrote Friday, the attack used Mirai botnets to exploit Internet of Things devices, like webcams and recorders, “taking advantage their frequently low security to employ them in DDoS offensives.” Essentially, the hack turns the simple devices into requesting agents that flood a system, in this case Dyn, with requests, forcing it to shut down.
The statement from Xiongmai Technology put most of the blame for the attack on users not changing their security information from the default password.
While the recall may help remove some of these devices, the risk of another DDoS attack remains high.