Login credentials for 515,000 servers, smart devices, and home routers were recently released on a hacking forum by an unknown leaker.
Recently, it was reported that an unknown hacker released a massive list of login credentials for around 515,000 smart devices, servers, home routers, and the like. The list was dumped on a hacking forum and included each device's IP address along with a username and password for the Telnet service, a remote access protocol through which the devices can be controlled.
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices https://t.co/9mQ0gHskRf
— ZDNet (@ZDNet) January 20, 2020
The leaker also left a statement, admitting that the list was created by scanning the internet for random devices that had their Telnet port left exposed. The statement was later confirmed by security researchers. After locating vulnerable devices, the hacker hijacked them via one of two methods: either by trying factory-set login credentials or by attempting custom-set passwords that were easy to guess.
The list itself is what is known as a ‘bot list,’ and it represents a component of an IoT botnet operation. In other words, hackers scan the web for vulnerable devices, hijack them, infect them with malware, and use them for conducting future attacks that are usually quite damaging.
While such lists are usually kept private, there have been some cases where hackers would dump login info for similar botnets. However, this list is the largest one of its kind that was leaked to date. Meanwhile, the hacker is suspected to be a maintainer of a DDoS-for-Hire service.
The hacker explained his motivation behind the dump by saying that he upgraded his DDoS service to a new model and that he no longer requires a botnet. He now uses high-output cloud services for conducting his attacks.
The devices on the list are located all over the world, and many of them are on the networks of known internet providers. However, an anonymous IoT security expert claims that some devices on the list may no longer be used due to changed IP addresses or passwords. Still, many of the devices are believed to be vulnerable even now, and they would be a valuable asset for a skilled hacker.