Security experts from Trend Micro discovered a new family of Linux malware, tracked as ELF_IMEIJ, targeting AVTech surveillance devices.
If you are using AVTech equipment, you can do the following to protect your device,
- Never expose the web interface of any Avtech device to the internet, i.e. disable remote internet viewing of CCTV for all AVTech Devices
- Change the default admin password. Note: Installation done by Lakson have the default factory admin password changed during installation.
Symptoms
- Slow down of your network
- Unable to login to your AVTECH CCTV System
- Restarting of AVTECH system works only temporary for next 30 mins to 1 hour.
RISK
- The attacker will have full control of your system and will be able to monitor data in your network.
References :-
http://blog.trendmicro.com/trendlabs-security-intelligence/new-linux-malware-exploits-cgi-vulnerability/
http://news.thewindowsclub.com/new-linux-malware-attacks-avtech-iot-devices-88739/
http://www.securityweek.com/ddos-malware-targets-avtech-cgi-vulnerability
Updates for selected models are available from AVTECH (http://www.avtech.com.tw/) on any updates on securing their CCTV equipment/removing the malware. You can refer to our guide on how to upgrade your firmware here.
When our ProActive Monitoring System pick up abnormality in the QC of AVTECH equipment in 2015, Lakson had stop using AVTECH equipment for installation project since and had switched to other brands. These includes brands which is used by Singapore Police/Cisco and is installed in various high security installation such as SMRT, Esplanade, etc.
For customers on maintenance/subscription, your equipment had already been replaced by non AVTECH equipment since 2016. We no longer have any customers with AVTECH equipment that’s under warranty currently.
For customers who are still using old AVTECH Equipment without firmware patches from AVTECH, you can purchase and replace your DVR (Non-AVTECH Brand, used by Singapore Police/Cisco) from $85.
Promotional Offer only available through online order.
Following packages comprised only of DVR.
HDD not included. You can reuse your HDD removed from your existing AVTECH Equipment if they are still working and compatible.
Delivery Only. Customer will have to do own installation/configuration. Suitable for the technical savvy customers.
PROMOTION OVER (Update 8 April 2017)
Following system comprised of DVR and HDD and includes 1 Year Online Technical Support.
In order to assist customers who are still using older AVTECH without available firmware patches, we’ll include FREE labour to replace your DVR and FREE internet router configuration for the following packages.
Free Replacement and Internet Router configuration Offer valid till 7 April 2017 only.
Choose the following packages to replace your old discontinued DVR.
Package includes labour to replace and internet router configuration.
Following system comprised of replacement of DVR and HDD
Digital Video Recorder
For more package selection, click here. High Definition (HD) System available.
Here’s how AVTECH System looks like. If you are using any of the software/dvr that look like this, then most likely you are using AVTECH equipment.