Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
August 28, 2017 10:00 pm

Someone Published a List of Telnet Credentials For Thousands of IoT Devices

An anonymous reader writes: A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons. The list includes an IP address, device username, and a password, and is mainly made up of default device credentials in the form of "admin:admin", "root:root", and other formats. There are 33,138 entries on the list, which recently became viral on Twitter after several high-profile security experts retweeted a link to it. During the past week, a security researcher has been working to find affected devices and notify owners or their ISPs. Following his work, only 2,174 devices still allow an attacker to log on via its Telnet port, and 1,775 of the published credentials still work. "There are devices on the list of which I never heard of," the researcher said, "and that makes the identification process much slower."

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/1w2w1jJaGPI/someone-published-a-list-of-telnet-credentials-for-thousands-of-iot-devices

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot