Security firm Trend Micro said in a blog post that the malware in question targeted more than 1000 different models, all of which were based on OEM products
Persirai was first detected in March by a security researcher known as Pierre Kim.
In a description of the affected cameras, he wrote: "The Wireless IP Camera (P2) WIFICAM is a camera overall badly designed with a lot of vulnerabilities. This camera is very similar to a lot of other Chinese cameras.
He added that his tests had shown that the leak affecting the custom http server running on the camera affected at least 1250+ camera models. "It can be used to execute the remote code execution as root."
Trend Micro said in its write-up that the command and control servers that the malware was connecting to after infecting a camera appeared to be located in Iran.
"A large number of these attacks were caused by the use of the default password in the device interface," Trend Micro said. "Thus, users should change their default password as soon as possible and use a strong password for their devices."
But this alone would not guarantee safety, it said. "...users should also disable UPnP on their routers to prevent devices within the network from opening ports to the external Internet without any warning."
Graphic: courtesy Trend Micro.