Security researchers have found a list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and can make them part of a destructive botnet.
The list of telnet-accessible devices was first posted in June. It is continuously updated and has user names and passwords for 8K+ IP addresses. 2K+ were still running as of August 20, 2017 and 1700+ were still accessible. IoT devices have been used in DDoS attack in the past. CDSBureau believes that these credentials can be used for the same. Also, criminals/hackers can use these credentials to steal private information and data.
CDSBureau advises all its readers and members to secure their IoT devices with strong passwords and put them behind the firewall.