I also have the same NETGEAR Orbi and tonight I received the same alerts. I got probably around 20 of them. I have had the Orbi for some time now and never had this issue with Wyze
FWIW, here is Bitdefender’s Auto Reply:
Thank you for your file submission.
The file has been automatically sent to our laboratories for specialized analysis. If the file is indeed a False Positive, the detection will be removed in the next 72 hours and the modification will be implemented in the product through a Signature Update. Please keep your Bitdefender up-to-date.
Please be informed that this is an automated process. Reply to this email if you have any other issues regarding your Bitdefender product and one of our engineers will take over.
Have a nice day!
I submitted the same to Bitdefender. I received the same response. I guess it’s a waiting game now.
I experienced this exact issue on my Orbi as well.
Needless to say, I got the same message in Bitdefender, with 29 threats blocked. I turned my cameras off in the Wyze application and they seem to have stopped. I’m new to Orbi having recently changed my router. Do many people install Bitdefender Security on their computers/devices?
Dave - I’ve not installed BitDefender on my devices, and after this won’t.
I have bitdefender on my PCs. I don’t use them for my router though. I have a Ubiquiti Router and TP-Link access points.
I experienced this exact issue on my Orbi mini with Bitdefender installed as well, over 60 threats blocked.
Rebooted my modem and Orbi and it stop notifying…so far.
I’ve installed Bitdefender Security on all my 2 devices.
Has anyone received a response from either Wyze or Bitdefender on this issue? Is it a false positive or something we should be worried about?
Bitdefender may never reply. Over the last few years our office has reported several false positives. They have never replied but they have quietly removed the false positives. Especially after we took them to court.
Just want to add…I had turned off notifications last night and on earlier this morning. Haven’t seen any new notifications. Did not reboot the router.
Same here, have been slowly turning on cameras one at a time and no notifications yet.
Sounds like it was indeed a false positive and they removed it. If so then well done by them for being so quickly responsive.
Situation…not the droids we’re looking for…Move along.
I had this same issue too. I have the nighthawk router. Got the same notification non-stop. I ended up just reporting it as a false positive to netgear. I haven’t heard from them yet, but it did stop the next day.
Ever consider it may actually be blocking an attempt to hijack your cameras? I’m sure by now everyone’s heard about the Ring hack. Same night that happened we got over 200 attempts like you’re describing, only through Ring, not Wyze. It stopped after about an hour and hasn’t done it since. I’m no IT expert but seems like something you may not want to put an exception for and risk someone breaking in.
The Ring hack is a misnomer, and the media is causing mass hysteria with their misinformation. The cameras themselves are not being hacked. It’s the user’s accounts, which have been compromised because they used poor password practices, that are the problem. I recommend reading this post. It has some great information.
Now I’m wondering if this has anything to do with the recent Data breach?
I’m not an expert, but I doubt it. If it were related to that, it would have been necessary for Netgear to know about the exposed (non-production) server in advance. If they had, I’m sure they’d have been more responsible in their disclosure practices than 12Security was.
My best guess is it’s probably something related to the wildcard SSL certificate on the AWS server. Basically, I’m guessing that if anyone deployed something a little shady on any subdomain bucket in the entire “
s3.us-west-2.amazonaws.com” server, Netgear’s algorithms would probably flag everything using the same SSL certificate. In most cases, that’s a smart thing to do, but when you’re dealing with a behemoth like AWS, it’s sort of pointless.
It sounds like the flag has been removed at this point, but if it were still happening, it would be easy to test that theory by looking for any random subdomain from “
s3.us-west-2.amazonaws.com” and seeing whether you get the same behavior.
Thanks for replying …the timing was concerning for me.
signed …the newbie.