Botnets Keep Brute-Forcing Internet of Things Devices


Botnets Keep Brute-Forcing Internet of Things Devices
Map shows bot infections in September that were being used to launch brute-force attacks targeting a preset list of usernames and passwords via telnet. (Source: Arbor Networks)

Two years after Mirai botnets first appeared, new generations of botnets are continuing to probe for internet-connected devices that they can easily compromise, often via a vastly expanded list of default usernames and passwords.

Mirai targeted 64 default or hardcoded credentials built into internet of things devices (see: Mirai Malware Hacker Pleads Guilty in German Court).

Using a telnet honeypot designed to study how botnets are attempting to compromise IoT devices, Arbor Networks in September found that botnets are continuing to target the 64 username and password combinations seen in the Mirai source code, as well as at least 1,005 new ones.

Read more…