An estimated 500,000 DVRs and IP-based cameras were used in a series of massive DDoS attacks in September. Security firm Flashpoint says it has identified the manufacturer of the devices leveraged in the attacks. The culprit behind the KrebsOnSecurity.com and OVH attacks is traced back to one white-box DVR manufacturer, China-based XiongMai Technologies. The company made the fatal error of using a default username root and password xc3511 combination on each DVR.
Source: https://threatpost.com/when-dvrs-attack-a-post-iot-attack-analysis/121179/