Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

Forums Security News (Security) Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

Tagged: 

  • This topic is empty.
Viewing 0 reply threads
  • Author
    Posts
    • May 3, 2020 at 6:20 pm #40241
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]

        Headings…
        Hacker leaks passwords for more than 500,000 servers, routers, and IoT devi
        Data leaked by a DDoS service operator
        Danger remains

        Auto extracted Text……

        A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) “smart” devices.
        The list, which was published on a popular hacking forum, includes each device’s IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
        According to experts to who spoke this week, and a statement from the leaker himself, the list was compiled by scanning the entire internet for devices that were exposing their Telnet port.
        Hackers scan the internet to build bot lists, and then use them to connect to the devices and install malware.
        These lists are usually kept private, although some have leaked online in the past, such as a list of 33,000 home router Telnet credentials that leaked in August 2017.
        As ZDNet understands, the list was published online by the maintainer of a DDoS-for-hire (DDoS booter) service.
        When asked why he published such a massive list of “bots,” the leaker said he upgraded his DDoS service from working on top of IoT botnets to a new model that relies on renting high-output servers from cloud service providers.
        ZDNet did not use any of the username and password combos to access any of the devices, as this would be illegal — hence we are unable to tell home many of these credentials are still valid.
        Some devices were located on the networks of known internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major cloud service providers.
        An IoT security expert (who wanted to remain anonymous) told ZDNet that even if some entries on the list are not valid anymore because devices might have changed their IP address or passwords, the lists remain incredibly useful for a skilled attacker

        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.