iotmirai, a piece of malware

wolfsat

Newbie
Hi All,


I have a cctv DVR that i have ben told by Virgin Media that it is infected with th iotmirai virus..!!!


Does anyone know how i can remove this from my DVR....?



Many Thanks in advance.


Mat.
 

bees

VIP Member
Have a read here

HTML:
https://www.webroot.com/blog/2016/10/10/source-code-mirai-iot-malware-released/

Disconnect from internet, reboot, change password locally and re connect to internet if I'm
reading this correctly.
 

mrtweaks

Member
Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Mirai removal.
 

mrtweaks

Member
Mrtweaks, its an Apollo Avis DVR so it doesn't have a browser...?

From what I understand this model can be viewed externaly? This is done though a browser by the ip or name server allocated. If you highlight the box and run AV etc.though that with the DVR as the device to scan? It is very important that you do not use default passwords on these type of kit as they are being so easily hacked anyway.
 

leemoo

Member
Strange VM have told you that? Never heard of that before. Have the contected you directly by email or phone?

I would assume its just the data on the hard drive unless you have been told otherwise. I would simply format the hard drive and see if that resolves the problem. Normally there would be a format option on your CCTV system.

You will obviously lose any data on that hard drive!! Any recordings.
 

wolfsat

Newbie
Thread starter
Leemoo, i have sent qvis an email and am awaiting a response, apparently the virus only attacks the chip and i was lead to believe that by turning the machine off the virus will dissappear, i tried this and immediately changed the default passwords before hooking up to the net but it still must be there as it floods my network and uses all my bandwidth.

Feel like throwing it through the window :damn:
 

wolfsat

Newbie
Thread starter
reply from qvis:



The router on site and the
DVR will both need to be rebooted to clear this if you are correct

:damn:
 

leemoo

Member
Leemoo, i have sent qvis an email and am awaiting a response, apparently the virus only attacks the chip and i was lead to believe that by turning the machine off the virus will dissappear, i tried this and immediately changed the default passwords before hooking up to the net but it still must be there as it floods my network and uses all my bandwidth.

Feel like throwing it through the window :damn:


How did you get on mate?

Interested in this as its a bit of a strange one.
 

wolfsat

Newbie
Thread starter
Disconnected router and DVR and left without power for 2 hours then restarted DVR without internet connection deleted all the user accounts and then changed the admin password, conected it back to the internet and so far Fingers Xd its all working sound.


Its been 5 days now so may have fixed the issue :)
 

leemoo

Member
Disconnected router and DVR and left without power for 2 hours then restarted DVR without internet connection deleted all the user accounts and then changed the admin password, conected it back to the internet and so far Fingers Xd its all working sound.


Its been 5 days now so may have fixed the issue :)

Glad you got it sorted mate!

Thanks for letting us know how you got on as it was a weird one that.
 
Top