Leaked passwords give attackers instant control over >1,700 IoT devices

Minimalist · Aug 25, 2017

Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 "Internet of things" devices and make them part of a destructive botnet.

The list of telnet-accessible devices, currently posted at this Pastebin address, was first posted in June, but it has been updated several times since then. It contains user names and passwords for 8,233 unique IP addresses, 2,174 of which were still running open telnet servers as of Friday morning, said Victor Gevers, chairman of the GDI Foundation, a Netherlands-based nonprofit that works to improve Internet security. Of those active telnet services, 1,774 remain accessible using the leaked credentials, Gevers said. In a testament to the poor state of IoT security, the 8,233 hosts use just 144 unique username-password pairs.

It is likely that criminals have been using the list for months as a means to infect large numbers of devices with malware that turns them into powerful denial-of-service platforms. Still, for most of its existence, the list remained largely unnoticed, with only some 700 views. That quickly changed Thursday with this Twitter post. By Friday afternoon, there were more than 13,300 views.
Click to expand...

https://arstechnica.com/information...passwords-could-make-the-iot-mess-much-worse/

Circuit · Aug 25, 2017

I thought people already knew this.

"People who use routers, cameras, and other IoT devices are reminded that remote access should be enabled only when there is good reason, and then only after changing default credentials to use a unique, randomly generated password, ideally of 12 or more characters, or assuming the device doesn't allow that, one as long as possible. Even when remote access is disabled, people should always ensure the default password is replaced with a strong one."

No stopping ignorant.
But hey, didn't get to my age being ignorant.
So easy to pass on known facts, then just kick back a smoke a doobie, what a wonderful world.

Minimalist · Aug 26, 2017

Researchers are in a full-out sprint to notify the owners of a substantial list of connected devices and associated telnet credentials that has been available on Pastebin since June but gone viral since Thursday when it was posted on Twitter.
Click to expand...

https://threatpost.com/race-is-on-t...blic-list-of-iot-device-credentials-published

itman · Aug 26, 2017

Couldn't think of a better example of the first thing you do is change default device credentials.

A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons.

The list includes an IP address, device username, and a password, and is mainly made up of default device credentials in the form of "admin:admin", "root:root", and other formats. The Pastebin list includes 143 credential combos, including the 60 admin-password combos from the Mirai Telnet scanner.

There are 33,138 entries on the list, which recently became viral on Twitter after several high-profile security experts retweeted a link to it. When we took the screenshot below, the list had been viewed 11,000 times, but now, the list view counter is at 22,000+.
Click to expand...

https://www.bleepingcomputer.com/ne...net-credentials-for-thousands-of-iot-devices/

guest · Jan 19, 2020

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
The list was shared by the operator of a DDoS booter service
January 19, 2020
https://www.zdnet.com/article/hacke...-than-500000-servers-routers-and-iot-devices/

A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.
The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.

All the lists the hacker leaked are dated October-November 2019. Some of these devices might now run on a different IP address, or use different login credentials.
DANGER REMAINS
An IoT security expert (who wanted to remain anonymous) told ZDNet that even if some entries on the list are not valid anymore because devices might have changed their IP address or passwords, the lists remain incredibly useful for a skilled attacker.
Click to expand...

Log in or Sign up

Leaked passwords give attackers instant control over >1,700 IoT devices

Minimalist Registered Member

Circuit Registered Member

Minimalist Registered Member

itman Registered Member

guest Guest

Log in or Sign up

Leaked passwords give attackers instant control over >1,700 IoT devices

Minimalist Registered Member

Circuit Registered Member

Minimalist Registered Member

itman Registered Member

guest Guest

Useful Searches