The case of “holes” and false advertising
The Federal trade Commission is accusing a Taiwanese company D-Link Corporation and its American subsidiary D-Link Systems insufficient security of routers and IP cameras produced under this brand.
In the lawsuit, filed in the Northern district of California, alleges that the developers failed to take appropriate measures to ensure the cyber security of these devices, and they remain vulnerable even before the most common types of threats.
In particular, potential hackers are still able to easily find vulnerable devices via specialized search engines and find out their IP addresses. After that, as alleged in the complaint the FTC, criminals easily can obtain access to personal data users, including tax and financial information.
In addition, gaps in security IP cameras allow you to use them to spy on users.
Separately, the lawsuit mentions that marketing materials D-Link introduced users to be confused about the security of purchased devices: they are everywhere emphasized that the security of these devices can be achieved without any significant efforts and that the products of D-Link by default, protected from unauthorized access. In this FTC finds a violation of the law on unfair advertising.
Login: guest; password: guest
Among the key shortcomings of the D-Link indicates the presence of programmed pairs logins-passwords, other backdoors and other common vulnerabilities that in theory could allow attackers to seize control over the devices. For example, in the guilt of the company is that the access device is accessed by login and password guest.
D-Link and its American “daughter” of the accused in a us court in the lack of protection devices