The Tel Aviv-based security shop has tracked "hundreds" of attempts to exploit a handful of bugs in IP cameras made by two manufacturers, Hikvision and Dahua, according to Sergey Shykevich, threat intelligence group manager at Check Point Research, in a conversation with El Reg. According to the security shop, the attack infrastructure combined commercial VPN exit nodes - including Mullvad, ProtonVPN, Surfshark, and NordVPN - and virtual private servers, which the Iranians used to scan for vulnerabilities in two specific surveillance camera brands: Hikvision and Dahua. The threat hunters urged defenders to update camera firmware and software to the latest patched versions, and remove direct WAN access so cameras aren't exposed to the public internet.
Author: Jessica Lyons
Published at: 2026-03-04 23:59:54
Still want to read the full version? Full article
