A hacker posted a trove of Telnet credentials for more than 515,000 servers, IoT devices and routers on a hacking forum.
The leaked lists, dated October and November of last year, were published by someone who runs a DDoS-for-hire service and include usernames, passwords and IP addresses, according to a report by ZDNet. The hacker, the report said, scanned the internet to find devices with exposed Telnet ports then ran factory-set credentials and as well as custom password combinations to build bot lists that let hackers access the devices and install malware.
Noting that many of devices likely had been compromised months oryears ago, Ekaterina Khrustaleva, COO of ImmuniWeb,said, “It’s likely all these devices have been present on many blacklists fora while already.”
While the current Telnet leak is “a colorful reminder about theskyrocketing number of unprotected IoT and network devices that in a few yearsmay become the main substance for DDoS botnets difficult to shut down.” Khrustaleva said, “a comprehensiveinventory of the devices, maintenance of firmware and restrictions aroundconnecting from the Internet are the very fundamental precautions for all userswho don’t want to give away their device to the attackers.”
She said she wouldn’t “assign much importance to this particularincident,” explain that on “the dark web, it’s fairly easy to acquire larger,and otherwise better lists of compromised and backdoored devices that arepoised to remain under the buyer’s control for a while.”
Share this:
Support the originator by clicking the read the rest link below.
