Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.
The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
These lists are usually kept private, although some have leaked online in the past, such as a list of 33,000 home router Telnet credentials that leaked in August 2017. To our knowledge, this marks the biggest leak of Telnet passwords known to date.
DATA LEAKED BY A DDOS SERVICE OPERATOR
As ZDNet understands, the list was published online by the maintainer of a DDoS-for-hire (DDoS booter) service.
When asked why he published such a massive list of "bots," the leaker said he upgraded his DDoS service from working on top of IoT botnets to a new model that relies on renting high-output servers from cloud service providers.
All the lists the hacker leaked are dated October-November 2019. Some of these devices might now run on a different IP address, or use different login credentials.
ZDNet did not use any of the username and password combos to access any of the devices, as this would be illegal -- hence we are unable to tell home many of these credentials are still valid.
Using IoT search engines like BinaryEdge and Shodan, ZDNet identified devices all over the world. Some devices were located on the networks of known internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major cloud service providers.