Hacker leaks 500k passwords for servers, routers and IoT devices on Dark Web

7개월 전

 A hacker has dumped a massive list of Telnet credentials and passwords for over 500,000 servers, routers, and so-called smart devices on the Dark Web, exposing the persistent vulnerability of cloud service providers.

The list, published on a popular hacking forum, includes IP addresses, usernames and passwords for the Telnet remote service, which is used on numerous Internet of Things (IoT) devices around the world.  

 The hacker in question reportedly trawled the internet for users who were exposing their Telnet ports. They then tried to gain access to these devices using factory default usernames and passwords, as well as custom (but generic) password combinations. 

 Illustration: © Pixabay / Markus Spiske 

 The hacker reportedly runs a DDoS-for-hire service, but has now expanded their operation to include renting out hijacked high-output servers from cloud service providers like Telnet.  

 This latest incident is the largest known leak of Telnet passwords to date.  

 It is unclear how many of the credentials published remain valid, as the lists are all dated between October and November 2019. However, experts warn that, even if IP addresses and passwords have been updated or changed, skilled hackers can still exploit similar vulnerabilities on other devices clustered on the same ISP, due to employee error when configuring the routers or IoT devices.


Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  trending

And this is why I threw a fit when CenturyLink tried to tell me that I HAD to let their wireless router be active in the modem.

and this is why I lock everything down and passphrase instead of passwording...