CYBER NEWS

Large List of Hijacked IoT Data Leaked On The Internet

An unknown criminal or hacking group has leaked a very large list of Telnet credentials from IoT devices. They are mostly from consumer and commonly used networking hardware — routers, servers, access points and etc. The list was posted on one of the popular hacking underground marketplaces where a lot of criminals typically converse.




Hijacked Iot Data Collected via Botnet

The list of hijacked data have been collected from remote Telnet access — a legacy and popular protocol used for controlling and accessing devices remotely either via manually or using software means. Common actions undertaken by the hackers in order to extract the credentials include attempting to remote control the applications, using common username and password combinations to break into the systems.

Related:
There?s a new large privacy incident regarding an unprotected database from LimeLeads that affects 49 million business contacts.
49 Million Business Records Offered for Sale on Hacking Forums

According to the available information the data was leaked by a criminal posted on the underground hacker forums. They have posted information about how the data was obtained — via a wide network scanning approach. This is done by using an automated scanning tool capable of looking for open IP ports and checking if any insecure services are available. By using common intrusion techniques the tool will automatically record the accessed device and add it to the list. It is also possible that the intrusion attempts have been made by a IoT botnet — a network of compromised machines that will be programmed to conduct operations in a prescribed sequence. The criminal responsible for the list of hijacked data operations has explained that the reason for the success and online leaking of the sensitive data is because they have upgraded their IoT botnet service. Apparently they are in control of a powerful cloud infrastructure. An analysis of the lists of data shows that the credentials have been taken from the period of October through November 2019.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...