Wikipedia defines Internet of Things as:
The Internet of things (IoT) is the inter-networking of physical devices, vehicles (also referred to as “connected devices” and “smart devices”), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to collect and exchange data.
It’s basically any object that is connected to the internet. It can be anything from your smartphone, your Fitbit, your CCTV camera, DVR, or your home Wi-Fi router.
Most owners don’t bother changing the default usernames and passwords. In many cases, default usernames and passwords are just too easy to guess. The most common ones are admin:admin, admin:password, admin:<blank>, admin:0000, user:user, root:12345 and support:support.
This well-known vulnerability has become an easy target for exploitation. Millions of devices have become susceptible to attack: attackers can easily gain access to these devices and add them to a botnet of IoT equipment, which can then serve as an instrument for a DDoS (Distributed Denial of Service) attack on a particular victim network.
The Mirai botnet scans ports 23/2323 and 7547* and uses a brute-force technique to guess passwords based on the following list:
- root xc3511
- mother f**er [censored]
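From the defender's side, this guessing pattern is easy to spot in login logs. The following is an added example, not part of the original post: it flags sources that try several of the default pairs named above on the listed ports within a short window, and lists any default pair that a device actually accepted. The log format, the 60-second window, the threshold of 3 and the sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Ports and credential pairs taken from the post; "" stands for a blank password.
MIRAI_PORTS = {23, 2323, 7547}
DEFAULT_CREDS = {("admin", "admin"), ("admin", "password"), ("admin", ""),
                 ("admin", "0000"), ("user", "user"), ("root", "12345"),
                 ("support", "support"), ("root", "xc3511")}

# Constructed sample in an assumed honeypot-style format:
# time, source IP, destination port, username, password ("-" = blank), result
SAMPLE_LOG = """\
2017-01-01T10:00:01 203.0.113.7 23 root xc3511 FAIL
2017-01-01T10:00:03 203.0.113.7 23 admin admin FAIL
2017-01-01T10:00:05 203.0.113.7 2323 admin - FAIL
2017-01-01T10:00:09 203.0.113.7 2323 support support OK
2017-01-01T10:05:00 198.51.100.20 23 admin admin FAIL
2017-01-01T11:30:00 198.51.100.20 23 operator hunter2 FAIL
2017-01-01T12:00:00 192.0.2.44 22 root 12345 FAIL
"""

def default_attempts(log):
    """Yield (time, source, port, (user, password), result) for default-pair logins on the listed ports."""
    for line in filter(str.strip, log.splitlines()):
        ts, src, port, user, pw, result = line.split()
        cred = (user, "" if pw == "-" else pw)
        if int(port) in MIRAI_PORTS and cred in DEFAULT_CREDS:
            yield datetime.fromisoformat(ts), src, int(port), cred, result

def find_guessers(log, window=timedelta(seconds=60), threshold=3):
    """Map each source to the most distinct default pairs it tried inside one
    window, keeping only sources that reach the threshold."""
    by_src = defaultdict(list)
    for ts, src, _, cred, _ in default_attempts(log):
        by_src[src].append((ts, cred))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        best = max(len({c for t, c in events[i:] if t - start <= window})
                   for i, (start, _) in enumerate(events))
        if best >= threshold:
            flagged[src] = best
    return flagged

def accepted_defaults(log):
    """Logins where a device accepted a default pair: change that password first."""
    return [(src, port, cred[0]) for _, src, port, cred, result
            in default_attempts(log) if result == "OK"]
```

On the sample, `find_guessers(SAMPLE_LOG)` flags only 203.0.113.7, and `accepted_defaults(SAMPLE_LOG)` reports the `support` login on port 2323 as the account to fix.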
On port TCP 7547* – I find a lot of instances of home and business-grade modems that have this port open. I once talked to an Australian ISP, and they themselves were unable to tell me exactly what this port is used for, or why they are open. The easiest excuse they told me is that this port is “reserved” for remote management, which by that purpose itself is a dangerous vulnerability. 😦 The option they gave us to mitigate the vulnerability was to replace that basic modem with a commercial-grade firewall that will be shouldered by the customer.
However, once Mirai gains access to the device, the botnet code is not stored on the device and can be purged once the infected device is restarted. Well, that’s good news, at least. But a more resilient and robust IoT botnet can be expected in the coming months, given the rising popularity and widespread use of IoT and the lack of awareness among users about getting rid of the default usernames and securing their credentials, which includes setting stronger passwords.