China-Made DVRs Found to Be Secretly Mining Cryptocurrency


China-Made DVRs Found to Be Secretly Mining Cryptocurrency – A malware, similar to a worm we earlier reported of using internet-enabled home products to mine cryptocurrencies, have been located on digital video recorders (DVRs) made by a Chinese company Hikvision.

As per the information provided by the dean of research at the SANS Technology Institute, Johannes Ullrich, the discovered malware is targeting the recorders that record footages acquired by surveillance cameras. It was discovered during some scans done on Synology disk storage devices for port 5000. The irregularities were only noticed on the DVRs manufactured by Hikvision.


The dean said to have inspected a couple of DVRs before finding out that the malware was operative on the DVR itself. “Two pieces of malware typically ran: a customized version of minderd, the Bitcoin miner – [we] actually learned today that, in this case, it may mine Litecoin, not Bitcoin – [and] a piece of software called, which initiated the scans for Synology devices that we observed before and that led us to investigate the DVR.”

These DVRs are quite similar to those which are used to record Live TV Shows, raising speculations that the malware might be Linux.Darlloz that was first found by Symantec few weeks back. Although experts are still confused about the actual origin of this malware.

Johannes although mentioned that the hackers were targeting remote computers by using a protocol named Telnet. The reason why they easily hypnotized the devices to work as a digital currency mining machine is nothing but the users’ ignorance in changing their default password.

The dean believes that the malware also effected Linux based routers, as they are considered to be more vulnerable than the virtual desktops themselves. “However, the number of badly protected devices is going up exponentially and they turn out to be very hard to patch and secure compared to desktops,” he later added.

Users are recommended to change the default passwords of their internet-enabled home devices to avoid such hacking attempts.

To contact the reporter of the story: Yashu Gola at