Netgear Armor Blocking Wyze Cam suddenly

I also have the same NETGEAR Orbi and tonight I received the same alerts. I got probably around 20 of them. I have had the Orbi for some time now and never had this issue with Wyze

2 Likes

FWIW, here is Bitdefender’s Auto Reply:

Thank you for your file submission.

The file has been automatically sent to our laboratories for specialized analysis. If the file is indeed a False Positive, the detection will be removed in the next 72 hours and the modification will be implemented in the product through a Signature Update. Please keep your Bitdefender up-to-date.

Please be informed that this is an automated process. Reply to this email if you have any other issues regarding your Bitdefender product and one of our engineers will take over.

Have a nice day!

2 Likes

I submitted the same to Bitdefender. I received the same response. I guess it’s a waiting game now.

1 Like

I experienced this exact issue on my Orbi as well.

1 Like

Needless to say, I got the same message in Bitdefender, with 29 threats blocked. I turned my cameras off in the Wyze application and they seem to have stopped. I’m new to Orbi having recently changed my router. Do many people install Bitdefender Security on their computers/devices?

2 Likes

Dave - I’ve not installed BitDefender on my devices, and after this won’t.

2 Likes

I have bitdefender on my PCs. I don’t use them for my router though. I have a Ubiquiti Router and TP-Link access points.

3 Likes

I experienced this exact issue on my Orbi mini with Bitdefender installed as well, over 60 threats blocked.

Rebooted my modem and Orbi and it stop notifying…so far.

I’ve installed Bitdefender Security on all my 2 devices.

1 Like

Has anyone received a response from either Wyze or Bitdefender on this issue? Is it a false positive or something we should be worried about?

3 Likes

Bitdefender may never reply. Over the last few years our office has reported several false positives. They have never replied but they have quietly removed the false positives. Especially after we took them to court.

2 Likes

Just want to add…I had turned off notifications last night and on earlier this morning. Haven’t seen any new notifications. Did not reboot the router.

4 Likes

Same here, have been slowly turning on cameras one at a time and no notifications yet.

4 Likes

Sounds like it was indeed a false positive and they removed it. If so then well done by them for being so quickly responsive.

5 Likes

Situation…not the droids we’re looking for…Move along.

4 Likes

I had this same issue too. I have the nighthawk router. Got the same notification non-stop. I ended up just reporting it as a false positive to netgear. I haven’t heard from them yet, but it did stop the next day.

4 Likes

Ever consider it may actually be blocking an attempt to hijack your cameras? I’m sure by now everyone’s heard about the Ring hack. Same night that happened we got over 200 attempts like you’re describing, only through Ring, not Wyze. It stopped after about an hour and hasn’t done it since. I’m no IT expert but seems like something you may not want to put an exception for and risk someone breaking in.

2 Likes

The Ring hack is a misnomer, and the media is causing mass hysteria with their misinformation. The cameras themselves are not being hacked. It’s the user’s accounts, which have been compromised because they used poor password practices, that are the problem. I recommend reading this post. It has some great information. :slight_smile:

3 Likes

Now I’m wondering if this has anything to do with the recent Data breach?

signed…the newbie.

1 Like

I’m not an expert, but I doubt it. If it were related to that, it would have been necessary for Netgear to know about the exposed (non-production) server in advance. If they had, I’m sure they’d have been more responsible in their disclosure practices than 12Security was.

My best guess is it’s probably something related to the wildcard SSL certificate on the AWS server. Basically, I’m guessing that if anyone deployed something a little shady on any subdomain bucket in the entires3.us-west-2.amazonaws.com” server, Netgear’s algorithms would probably flag everything using the same SSL certificate. In most cases, that’s a smart thing to do, but when you’re dealing with a behemoth like AWS, it’s sort of pointless.

It sounds like the flag has been removed at this point, but if it were still happening, it would be easy to test that theory by looking for any random subdomain from “s3.us-west-2.amazonaws.com” and seeing whether you get the same behavior.

2 Likes

Thanks for replying …the timing was concerning for me.

signed …the newbie.

1 Like