AVTECH Malware FAQ

IMPORTANT

LAKSON had stop using AVTECH Equipment since 2015 and have currently no AVTECH system under warranty anymore.
For customers on maintenance/subscription plan, their equipment had already been replaced by non AVTECH equipment since 2016.
As we have no longer any customers using AVTECH equipment under warranty/maintenance/subscription and there’s no easy way to identify if the problems are caused by the malware infection or by faulty hardware, support for AVTECH equipment will cease.
Here are your options if your system is infected.
http://www.lakson.biz/options-avtech-cctv-equipment-users/


I am having a problem viewing my AVTECH CCTV from both my computer and hand phone. It stated as “Connection Error”.

You are using AVTECH Equipment and most likely it’d been infected with ELF_IMEIJ Malware.
As yours is an older AVTECH equipment that had been discontinued by AVTECH, there’s no longer any firmware upgrades from AVTECH that will fix the vulnerabilities that prevent future infection.
You’ll have to replace it or unplugged it from the internet.


What can the ELF_IMEIJ Malware do ?

The hacker will have full control of your system and will be able to monitor data in your network.
It might allow them to copy files from insecure file servers in your network as well.
It also enable the hacker to start an attack on other servers in the internet through your AVTECH CCTV System.


Is there any security firmware upgrades that is able to fix/repair this ?

For newer model, maybe. For old discontinued model, no.

You can refer to the list below. For updated list, please visit AVTECH website. (http://211.75.84.102/e_news/Security/Security.html)
If your model is listed below, visit the AVTECH product page to download the lastest firmware and use it to upgrade your AVTECH Equipment.
If your model is not listed, it’s probably an old discontinued model. There will not be firmware upgrade to fix this.

  • NVR
4CH ~ 6CH 8CH 16CH 36CH ~ 64CH
AVH0401 AVH308EA AVH315 AVH336
AVH304A / 304EA AVH408P AVH316 AVH364
AVH504P AVH317
AVH800EA6 AVH516A / 516B
  • TVI DVR
4CH 8CH 16CH
AVZ203 AVZ207 / 207A AVZ215 / 215A
AVZ205 AVZ209 AVZ217
AVZ404 AVZ308 AVZ316
AVT204 / 204B AVZ408 AVT216 / 216SE
DG1004 / 1004B AVT208 / 208SE DG1015 / 1015A
DG1005 DG1006 / 1006A DG1016 / 1016A
DGD2404 DG1007 DG1316
DGD1304 DG1008 DGD1316
DG1308
DGD1307
DGD1308
  • IP Camera – 3MP
AVM3432T AVM3443
AVM3452T AVM3445
AVM3453 AVM3455
AVM3636
  • IP Camera – 2MP
AVZ592 AVM500 / 500A AVP511
AVM2421 AVM503 AVP521A
AVM2432T / 2432 AVM511 AVP542B
AVM2451A / 2451T AVM521 AVP552B
AVM2451SE AVM521B / 521C AVP571
AVM2452T / 2452 AVM532F
AVM2453 AVM542A / 542B / 542F / 542J
AVM2592L AVM543
AVM552B / 552C / 552F / 552J
AVM553J
AVM561 / 561E / 561J
AVM571 / 571J
AVM583 / 583G
AVM591A
AVM592
AVM837
AVM839

What can I do beside replacing the system ?

Flash the firmware with an uninfected copy of the firmware and unplugged the system from the internet. You can use it for local recording.

Connecting it back to internet for remote viewing will lead to the malware infection again as there is no security fix for that from AVTECH.

You can refer to this link for the guide/links to download the firmware.
http://www.lakson.biz/guide-remove-malware-infected-avtech-devices/
There’ll not be any support for this.

Do refer to the guide or refer to our FAQ. (http://www.lakson.biz/ticket/kb)


Can you reload the old firmware for me or fix the firmware ?

Please place an order http://www.lakson.biz/product/avtech-firmware-upgrade/
However, do note

  • Any Firmware upgrade may fail and result in the equipment unable to operate.
  • Lakson will not be responsible if firmware upgrade result in equipment failure.
  • Do not upgrade the firmware if you are unable to accept possible firmware upgrade failure.
  • This is a one time service.
  • We will reload the firmware and check if the system is recording.
  • The system will still have to be disconnected from the internet as it will be infected by the malware again if it is plug into the internet after reloading the firmware.

Can I retrieve footage from my infected old AVTECH CCTV system ?

From what we had seen so far from infected system, only the remote access is affected. If you wish to retrieve the recording, there’s 2 methods you can try

  1. Connect the DVR to a Monitor and use the front panel menu to search and backup the recording required to a USB thumbdrive
  2. Connect the DVR to a LAN network without internet access, use VideoViewer to search and change the IP to the correct IP, and use the VideoViewer to backup the recording required.

Is my infected AVTECH CCTV System still usable ?

From what we had seen so far from infected system, only the remote access is affected.

If you are using it just for local viewing through a connected monitor and recording without connecting it to any network, it should still function.

However as it is not recommended to do so as the full effect of the ELFIMEIJ  Malware is not known. You should still get it replaced ASAP.


Can I send in any queries I have regarding AVTECH system to the support system ?

Unfortunately no. We had cease support for AVTECH System as it is not feasible to tell if any problem you have is due to the Malware infection or any other issues.

As there is no solution from the AVTECH manufacturer for these old discontinued system, it is not feasible for us to spend time troubleshooting the system.

We also no longer have any customers using AVTECH CCTV System that are still under warranty/maintenance/subscription, therefore support for AVTECH system will cease.

For all tickets open for AVTECH equipment, options for customers will be sent. Here are the options. http://www.lakson.biz/options-avtech-cctv-equipment-users/