FTC files complaint against D-Link over insecure IP cameras and routers

By admin On Jan 6, 2017

Spread the love

The American watchdog FTC has filed a complaint against the Taiwanese manufacturer D-Link. According to the complaint, the company has not ensured that its routers and IP cameras are sufficiently secured. D-Link does not agree with the complaint.

The FTC reported in its complaint that D-Link’s lack of security exposes its devices to hackers and threatens consumer privacy. According to the watchdog, routers and IP cameras are increasingly targeted by hackers. In addition, companies must ensure that if they claim their products are safe, they actually are.

While D-Link has made those kinds of claims, there are several security flaws in its products, according to the FTC. For example, some models are equipped with pre-programmed passwords and usernames, for example the word ‘guest’ twice, and it was possible for hackers to take over routers via command injection.

In addition, the FTC notes that the private key for signing D-Link software was publicly available for six months and that the manufacturer’s mobile app stored users’ login information insecurely on mobile devices. As a result, D-Link would have engaged in unfair commercial practices and misled consumers.

The Taiwanese company says in a response that it does not agree with the complaint from the FTC. The organization is said to have expressed vague and unsubstantiated complaints about its routers and IP cameras. The company wants to “defend itself vigorously” against the allegations and says the complaint does not mention anything about consumers who have actually suffered harm from its products.

The FTC previously filed a similar complaint against Asus, alleging it put consumers at risk with insecure routers. The two parties eventually reached a settlement, requiring Asus to implement a proper security program and inform consumers about security updates.

The Mirai botnet, which emerged last year, showed that not or poorly secured routers and IP cameras can be a problem. That consists largely of hacked iot devices and is capable of carrying out large ddos attacks.