Hackers have confirmed they successfully attacked Internet of Things (IoT) devices that access the Telnet port. In a confirmation, bad actors say they took passwords for smart devices, home routers, and servers from a device scanning attack.
In a published list (bot list), the credentials of 515,000 IoT devices were revealed. According to a report on ZDNet, this is the largest Telnet breach ever.
If you’re unfamiliar with Telnet, it is a remote access protocol that acts as a connected device controller. It is notorious for being pretty poor in terms of security and is notable for being open to backdoor attacks.
In the list, there are IP addresses, passwords, and usernames. The hackers achieved the attack by scanning across the entire internet to find Telnet connected devices that had their ports open. Once this found, the attacker used default passwords and usernames or tried easy to guess passwords until they had success.
While this is clearly bad news for owners of affected devices, there is a caveat. Specifically, the information hacked comes from October 2019. There will be at least a subset of users who have updated their credentials since. However, there’s no point ignoring that most probably haven’t.
Recent Wyze Breach
Earlier this month, IoT company Wyze suffered a similar leak. An Elasticsearch database owned by the company was leaking the information, which included email addresses.
The offending Elasticsearch database was exposed between December 4 and 26. Information hosted on the database included email address from millions of Wyze customers. Device information such as Wi-Fi SSIDs, camera nicknames, and general manufacturer details was also stored.