Avast expert explains what consumers should know about the leak of a half-million security credentials for servers, home routers, and smart devices
A hacker recently leaked a list of more than a half-million Telnet credentials for servers, home routers, and smart devices, leaving them vulnerable to attack. Marko Zbirka, an Internet of Things threat researcher at Avast, answered key questions related to the incident – and why it matters to consumers.
Q: What is Telnet used for?
A: Telnet is protocol used to provide remote access to devices. The protocol was developed in 1969 to provide remote access to servers. Today it is widely included in IoT devices, but only used in specific cases, for example if the user requires remote and full access to the device’s underlying system, to remotely access advanced settings or to debug such a device
Q: Which devices commonly use the Telnet protocol?
A: We commonly see Telnet used by routers, IoT devices such as IP cameras, smart appliances, and even DVT2 set-top boxes.
Q: How can users tell if their devices’ Telnet port is exposed?
A: Users can check if their devices’ Telnet port is exposed by using features like Avast Wi-Fi Inspector, included in all versions of Avast Antivirus. Wi-Fi inspector scans the network, checking for devices using Telnet for empty, default, or weak passwords, and alerts users of these, so they can make a change to secure their network. It also checks for passwords that are known to be used by malware botnets in the past, including the Mirai botnet. Users can also check their router’s settings, by logging into their router’s administrative interface, to see if Telnet is ..
Support the originator by clicking the read the rest link below.
