I wonder if my cameras are part of a bot-net

user_846994761957606

Over the past year of using my collection of 7 Reolink cameras in my home, every once in a while I have noticed that each of them is occasionally trying to access outside IP addresses which my AT&T security support has blocked, sending me notifications when it happens. This has happened from all of my POE cameras on multiple occasions.

Since I've tried to occasionally access my cameras from outside our home, I had assumed that it had something to do with how Reolink allows you to do this using UUIDs. However, it had happened so many times I started recording the IPs that the cameras were attempting to access. The list was about 7 or 8 different IP addresses and some cameras were trying to access the same IPs. After accumulating this list, I sat down and started "whois"ing each of them, assuming that it was some equipment owned by Reolink for their cloud support.

I was shocked to discover that ALL of them belonged to Oracle corporation. Furthermore, they were all associated with either Oracle in Phoenix Arizona or one other Corporate Oracle location (I think it was in New Jersey somewhere but I'd have to confirm that). I no longer have those numbers (they're on a scrap of paper buried somewhere on my desk I think).

Now I'm not real familiar with how all these things work, but it almost looks like these networking products coming out of China have been set up to perform Denial Of Service on some of Oracle's servers. Has anyone got any better ideas of what would explain why my cameras will suddenly start trying to access servers belonging to Oracle. I've spent several hundreds of dollars purchasing all of this equipment and I am really disturbed that some third party may be able to use them for there own malicious purposes.