• Health Is Wealth
  • Posts
  • The login credentials of 500,000 routers and smart health connected objects have been publicly exposed on the web

The login credentials of 500,000 routers and smart health connected objects have been publicly exposed on the web

January 20, 2020

[ad_1]

In search of fame, a hacker posted on a public forum a list of the login credentials – IP address, user name and password – of more than 500,000 routers and smart health connected objects around the world. Information he would have obtained by looking for devices communicating using the Telnet protocol, according to our colleagues from ZDNet, then by trying to connect to it with default or very common identifiers.

INSTALL MALWARES

Using specialized search engines for IoT, such as BinaryEdge or Shodan, ZDNet found that the affected products are located on all continents and are as well smart health connected via the networks of major telecom operators as those of known cloud service providers. Their data, which would have been collected between October and November 2019, may have been modified since to allow the hacker to maintain control over these devices in the long term. The latter would have made them public to promote a service that he was about to launch around distributed denial of service (DDoS) attacks – which aim to make a service or hardware unavailable by saturating it with connection requests. .

The list remains dangerous, even if the connection identifiers of the affected devices have been changed by the hacker or their owners, according to ZDNet. It would make it possible to identify trends around telecom operators – some names often come back – who misconfigure the devices smart health connected to their networks. This could allow an attacker to discover other devices and use them to carry out attacks.

The establishment of such bot lists is a fairly common practice among hackers, who exploit them, once remote access has been established, to install malware. If these are rarely made public, there are precedents. By August 2017, the credentials of 33,000 routers using Telnet had already leaked. But this new maneuver would be, to date, the most important ever carried out around this protocol and its consequences remain unknown.

[ad_2]