Hackers Now use IoT Devices As Proxies For Remote Credential Testing

The Internet of Things holds great merit and future potential for creating a smarter and more automated ecosystem. Unfortunately, these Internet-connected devices have one fatal weakness: security. Hackers can easily hijack thousands of DVRs, CCTV cameras, and networking devices to test stolen login information from various sources. This makes it nearly impossible to find the people responsible for the theft and these hacking attempts.

Using IoT Devices To Check Stolen Credentials

In this day and age of online crime, hackers and other nefarious individuals are stepping up their game. As more devices get connected to the Internet, new forms of technological exploitation become apparent. A lot of our devices have an active Internet connection, but most of them are not adequately secured.

Criminals have come up with a new way to take advantage of these security weaknesses. By taking control over thousands of devices– mostly DVRs, satellite antennas, and others–they can use them to test stolen login credentials. In fact, new research shows as many as two million devices may have been used during this “trial and error” campaign.

Keeping in mind how the majority of IoT devices can be accessed through a web portal, it is not overly difficult to take advantage. If the criminals manage to log in as an administrator, they can compromise all data stored on the machine. For a router or network server this could spell serious trouble. But there is more, as they can also take over the machine entirely, sometimes even without the owner noticing that something malicious is going on.




To make matters worse, one of the biggest targets investigated during this research is a company specializing in developing Wi-Fi hotspot hardware. A lot of consumers use free Wi-Fi in public places, trusting the business owner to ensure that all data is secure and safe from prying eyes. But if the culprits manage to break into the hotspot and capture all information flowing through, there is no security to speak of.

The company in question, going by the name of Ruckus Wireless, issued a security warning back in 2013. At that time, the first incidents of malicious usage of their Wi-Fi hotspots were noted. However, the Akamai research stated that these hotspots are still being used three years later, which indicates that the vendor did little to patch the security vulnerabilities.

Making all IoT devices accessible by SSH seems to be a problem as well. This is the connection method used by criminals to access most devices, as the protocol supports remote logins even from remote locations. Using third-party devices to cover the tracks of a hacking attempt is clever, but it also highlights another new problem for security researchers.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Leave a Reply