Support Announcements
Revoked Certificate when viewing mydlink IP Cameras with-in web-browsers

D-Link recently discovered that two of its code signing certificates were misappropriated. Upon discovery, we immediately decommissioned the certificates and investigated the issue. Like several other companies in Asia, D-Link was victimized by a highly active cyber espionage group which has been using PLEAD Malware to steal confidential information from companies and organizations based in East Asia, particularly in Taiwan, Japan, and Hong Kong. The two affected D-Link certificates were revoked, effective July 3rd, 2018. New certificates have been issued to resolve this problem.

 

Accreditation and Coordination

1. Anton Cherepanov, Senior Malware Researcher, ESET, llc.

2. Trend Micro Incorporated

 

The following certificates have been revoked:

 

1. sha1RSA certificate

‧ Issued by Symantec Class 3 SHA256 Code Signing CA

‧ Serial Number: 01 a5 86 a9 5b 44 60 9e 9f ae 25 f9 27 79 62 d6

‧ sha1 Thumbprint: 28 b7 4f b9 84 ee 71 e6 e4 04 dc c8 ce 0d c9 0d 77 43 bf a9

‧ Valid from June 22, 2018 08:00 AM PST (GMT -8:00) to September 21, 2018 07:59:59 AM PST (GMT -8:00)

 

2. sha1RSA certificate

‧ Issued by Symantec Class 3 SHA256 Code Signing CA

‧ Serial Number: 13 03 03 e4 57 0c 27 29 09 e2 65 dd b8 59 de ef

‧ sha1 Thumbprint: f0 f5 58 b8 1a f3 e9 83 a4 12 a0 f7 c8 0a c7 2a 1f ce 0c 0a

‧ Valid from September 30, 2016 8:00 AM PST (GMT -8:00) to October 01, 2019 07:59:59 AM PST (GMT -8:00)

 

Most D-Link customers will not be affected by this issue. However, if you have concerns, please check your mydlink mobile application,  your local D-Link Support website, or http://www.mydlink.com.

 

Affected Products 

 

Model H/W Curent Ver. Scheduled New Ver. Fixed Firmware
Comment
DNR-202L Ax V2.04.03 V2.04.04    
DNR-312L Ax V1.07.09 V1.07.10 Released  
DNR-322L Ax V2.4b03 V2.5b01    
DNR-322L Bx V3.01.04 V3.01.05    
DNR-326 Ax V2.6b01 V2.7b01    
DCS-935L A1 1.11 1.12    
DCS-960L A1 1.06 1.07    
DCS-6004L A2 1.03 1.04    
DCS-5009L Ax 1.08 1.09    
DCS-5010L Ax 1.14 1.15    
DCS-5020L Ax 1.14 1.15 Released Please Use mydlink mobile application for update
DCS-5025L Ax 1.03 1.04    
DCS-5030L Ax 1.04 1.05  Released Please Use mydlink mobile application for update
DCS-6045L Ax 1.02 1.03    
DCS-930L Ax 1.16 1.17    
DCS-930L Bx 2.15 2.16 Released Please Use mydlink mobile application for update
DCS-931L Ax 1.14 1.15    
DCS-932L Ax 1.14 1.15    
DCS-932L Bx 2.16 2.17 Released Please Use mydlink mobile application for update
DCS-933L Ax 1.14 1.15    
DCS-934L Ax 1.05 1.06    

 

 

Recommendations:

 

1. New firmware for affected models are being developed and tested.  The mydlink mobile application will notify you to update for registered cameras in the event of a new firmware release.

 

2. This issue will not affect the mydlink mobile applications.  This certificate revocation affects viewing and configuring the camera from within a web-browser.

 

3. if you require the use of the web-browser, you can reconfigure your browser temporarily to ignore the revoked cert.

Please note regarding option 3: These settings should be treated as temporary. We recommend only reconfiguring

your system during the use of the camera through a web-browser, and then returned back to default for validating the certicate.

 

For Mac OSX:
Go System Preferences> Java> Advanced> Perform signed code certificate revocation checks on, select "Do not check (not recommended)" 

 

 

 

For Windows:
Go Control Panel> All Control Panel Items>Java> Advanced> Perform signed code certificate revocation checks on, select "Do not check (not recommended)"

 

 

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. D-Link will continuously provide updates signed using our new digital certificates.