Hacker leaks 500k passwords for servers, routers and IoT devices on Dark Web
Added 01-20-20 08:37:02am EST - “A hacker has dumped a massive list of Telnet credentials and passwords for over 500,000 servers, routers, and so-called smart devices on the Dark Web, exposing the persistent vulnerability of cloud service providers.” - Rt.com
CLICK TO SHARE
The list, published on a popular hacking forum, includes IP addresses, usernames and passwords for the Telnet remote service, which is used on numerous Internet of Things (IoT) devices around the world.
The hacker in question reportedly trawled the internet for users who were exposing their Telnet ports. They then tried to gain access to these devices using factory default usernames and passwords, as well as custom (but generic) password combinations.
The hacker reportedly runs a DDoS-for-hire service, but has now expanded their operation to include renting out hijacked high-output servers from cloud service providers like Telnet.
It is unclear how many of the credentials published remain valid, as the lists are all dated between October and November 2019. However, experts warn that, even if IP addresses and passwords have been updated or changed, skilled hackers can still exploit similar vulnerabilities on other devices clustered on the same ISP, due to employee error when configuring the routers or IoT devices.
Anonymous comments are welcome, just check the "Comment Anonymously" box before submitting your comment. Note: Comments are free and open until someone ruins it. Don't dox, promote violence, etc. Be nice and have fun.
CLICK TO SHARE