Sunday February 23, 2020

Hacker Leaks Passwords for Over 5 Lakh Servers, IoT Devices

In a bone-chilling incident, parents of an eight-year-old girl in the US were left stunned when a hacker accessed a camera installed in their daughter's room and taunted her


A hacker has leaked the usernames and passwords of over five lakh servers, routers and Internet of Things (IoT) devices on the Dark Web. The credentials can be used to install malware on Internet-connected devices at home or at work.

Attackers could use those credentials to gain remote access to the affected devices, like we have seen recently in some home cameras and devices, including Amazon-owned Ring security cameras.

According to a ZDNet report on Sunday, the list of Telnet credentials has been published on a popular hacking forum. It includes each device’s IP address, along with a username and password for the Telnet service.

Telnet is one of the earliest remote login protocols on the Internet. It is a client-server protocol that provides the user a terminal session to the remote host from the telnet client application.

“Hackers scan the internet to build bot lists, and then use them to connect to the devices and install malware,” said the report.

The list has been published online by the maintainer of a Distributed Denial of Service (DDoS) botnet.


However, some of these devices might now run on a different IP address, or use different login credentials.

“Some devices were located on the networks of known Internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major Cloud service providers,” the report mentioned.

The five lakh devices still remain at risk, as a hacker can take the IP addresses included in the list, identify the internet service provider behind them, and then re-scan that provider’s network to update the list with the latest IP addresses.


Amazon’s Ring subsidiary was in the news for all the wrong reasons after customers’ in-house cameras were broken into and the hackers tried to intimidate the residents, including children.

In a bone-chilling incident, parents of an eight-year-old girl in the US were left stunned when a hacker accessed a camera installed in their daughter’s room and taunted her. (IANS)


Iranian Hackers Breach VPN Servers to Gain Network Access of Several Firms Globally

Iranian hackers breach VPN servers of several firms globally


Cybersecurity researchers have spotted a widespread hacking campaign by Iranian groups, who compromised VPN (virtual private network) servers, planted bugs or ‘backdoors’ and succeeded in gaining access to the networks of numerous companies and organisations around the world.

During the last quarter of 2019, the research team from the UK-based ClearSky uncovered a widespread Iranian offensive campaign which it called the “Fox Kitten Campaign”. “This campaign is being conducted in the last three years against dozens of companies and organisations in Israel and around the world,” the company said in a statement on Sunday.

“Through the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organisations from the IT, telecommunication, oil and gas, aviation, government and security sectors around the world,” it added.

Aside from malware, the campaign encompasses an entire infrastructure dedicated to ensuring a long-lasting capability to control and fully access the targets chosen by the Iranians. The campaign infrastructure was used to develop and maintain access routes to the targeted organisations and to steal valuable information from them.


“Hackers maintained a long-lasting foothold at the targeted organisations and breached additional companies through supply-chain attacks.”

The campaign was conducted using a variety of offensive tools, most of them based on open-source code and some self-developed. The Iranian APT groups have succeeded in penetrating and stealing information from dozens of companies around the world in the past three years.

The most successful and significant attack vector used by the Iranian advanced persistent threat (APT) groups in the last three years has been the exploitation of known vulnerabilities in systems with unpatched VPN and RDP services, in order to infiltrate and take control of critical corporate information stores.

After breaching the organisations, the attackers usually maintain a foothold and operational redundancy by installing and creating several more access points to the core corporate network. As a result, identifying and closing one access point does not necessarily deny the capability to carry on operations inside the network.


“Iranian APT groups have developed good technical offensive capabilities and are able to exploit one-day vulnerabilities in relatively short periods of time,” said the researchers. ClearSky observed Iranian groups exploiting VPN flaws within hours after the bugs had been publicly disclosed.

According to a ZDNet report, Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies. (IANS)