Access data of 515,000 servers and IoT devices leaked online: Remote control via Telnet possible

Feb 11, 2020

Cyber criminals have published the access data and IP addresses of over 515,000 servers, routers and IoT devices on a hacker forum. This data can be used to control vulnerable devices through the remote maintenance service Telnet. Attackers could connect to the devices, install malware and use the devices for their own purposes, for example to set up a botnet for Distributed-Denial-of-Service (DDoS) attacks. In a DDoS attack, a targeted system and its Internet services become unusable due to a deliberately induced overload. In practice this means massive interruptions of all internet-based services and devices, resulting in immense costs. In many cases, such devices even become irreversibly unusable.


Where does the data come from?

According to a report on ZDnet, the data comes from a provider of DDoS services. On the forum, the hacker reported that he had automatically scanned the entire network for devices with open Telnet access. He then tried default passwords and easy-to-guess combinations against them. He collected the resulting extensive list of access data, a so-called bot list, and published it. In the past, comparable collections have been used for large-scale attacks and to spread malware. For example, in June last year, the malware Silex destroyed 2,000 IoT devices in just a few hours. Brickerbot destroyed around two million devices in 2017. To do this, the malware logged into the infected IoT devices with standard access data and overwrote disks and partitions with random data. Silex also deletes the firewall settings, removes the network configuration and then switches off the device, rendering the IoT devices unusable.


Protection Plan customers are protected


As a customer of our Protection Plan, with the solution Adaptive Defense 360 you have nothing to worry about. Adaptive Defense 360 ensures the security of all endpoints on your corporate network by using advanced technologies and self-teaching systems. In order to prevent malicious processes, all data is centrally monitored in real time and 100% of it is classified. This is how anomalies get noticed, and attacks that attempt to install malware via an IoT device are stopped before any malicious activity can occur.

