A hacker has leaked usernames and passwords of more than five million servers, routers and Internet of Things (IoT) devices on the Dark Web that can be used to install malware on Internet-connected devices at home or at work .
Attackers can use those credentials to gain remote access to affected devices, such as we’ve seen recently in some home cameras and devices, including Amazon-owned ring security cameras.
As reported by ZDNet on Sunday, the list of Telnet credentials has been published on a popular hacking forum that includes the IP address of each device along with the username and password for the Telnet service.
Telnet is one of the earliest remote login protocols on the Internet. It is a client-server protocol that provides the user with a terminal session from a Telnet client application to a remote host.
“Hackers scan the Internet to build bot lists, and then use them to connect to devices and install malware,” the report states.
The list has been published online by an maintainer of a Direct Denial of Service (DDoS) botnet operator.
However, some of these devices can now run on a different IP address, or use different login credentials.
“The report mentions,” some devices were located on networks of known Internet service providers (indicating that they were either home routers or IoT devices), but other devices were located on the networks of major cloud service providers.
Five million devices are still at risk of hacking because a hacker can use the IP address included in the list and then re-scan the Internet service provider’s network to update the list with the latest IP address.
Amazon’s ring subsidiary came into the news for all the wrong reasons, where customers’ in-house cameras were broken and hackers tried to intimidate residents, including children.
In the bone-chilling incident, the parents of an eight-year-old girl in the US were stunned when a hacker used a camera installed in their daughter’s room and taunted her.