Hackers Now use IoT Devices As Proxies For Remote Credential Testing

The Internet of Things holds great merit and future potential for creating a smarter and more automated ecosystem. Unfortunately, these Internet-connected devices have one fatal weakness: security. Hackers can easily hijack thousands of DVRs, CCTV cameras, and networking devices to test stolen login information from various sources. This makes it nearly impossible to find the people responsible for the theft and these hacking attempts.

Using IoT Devices To Check Stolen Credentials

In this day and age of online crime, hackers and other nefarious individuals are stepping up their game. As more devices get connected to the Internet, new forms of technological exploitation become apparent. A lot of our devices have an active Internet connection, but most of them are not adequately secured.

Criminals have come up with a new way to take advantage of these security weaknesses. By taking control over thousands of devices– mostly DVRs, satellite antennas, and others–they can use them to test stolen login credentials. In fact, new research shows as many as two million devices may have been used during this “trial and error” campaign.

Keeping in mind how the majority of IoT devices can be accessed through a web portal, it is not overly difficult to take advantage. If the criminals manage to log in as an administrator, they can compromise all data stored on the machine. For a router or network server this could spell serious trouble. But there is more, as they can also take over the machine entirely, sometimes even without the owner noticing that something malicious is going on.



Related Post

To make matters worse, one of the biggest targets investigated during this research is a company specializing in developing Wi-Fi hotspot hardware. A lot of consumers use free Wi-Fi in public places, trusting the business owner to ensure that all data is secure and safe from prying eyes. But if the culprits manage to break into the hotspot and capture all information flowing through, there is no security to speak of.

The company in question, going by the name of Ruckus Wireless, issued a security warning back in 2013. At that time, the first incidents of malicious usage of their Wi-Fi hotspots were noted. However, the Akamai research stated that these hotspots are still being used three years later, which indicates that the vendor did little to patch the security vulnerabilities.

Making all IoT devices accessible by SSH seems to be a problem as well. This is the connection method used by criminals to access most devices, as the protocol supports remote logins even from remote locations. Using third-party devices to cover the tracks of a hacking attempt is clever, but it also highlights another new problem for security researchers.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Crypto Whale Sparks 8x Surge In $OPK Price with Massive Buy-in

A mysterious crypto whale, who previously invested 9,600 SOL into tokens $Pnut and $FRED, has…

18 mins ago

Early ENS Investor Transfers $2.47M To Binance Amid Upcoming Token Unlocks

An early investor linked to the $ENS token recently transferred 154,000 ENS tokens, valued at…

20 mins ago

Wintermute’s Memecoin Strategy: BABYDOGE Ranks Among Top 3 Holdings

In a surprising turn, $BABYDOGE has climbed to the top three in Wintermute’s memecoin holdings…

27 mins ago

$Pnut’s Meteoric Rise: How A Tragic Squirrel Inspired A Memecoin Sensation

The $Pnut memecoin recently soared past a $120 million market cap, creating unexpected wealth for…

33 mins ago

Political Memecoins And High-Stakes Bets Surge As Election Approaches

With election season heating up, political memecoins like $PEOPLE, $MAGA, $HARRIS, and $TRUMP are surging.…

39 mins ago

TRX Price Prediction: Tron Network Fee Cut to Spark New ATH?

Back into Spotlight: Tron Network Fee Cut Could Push TRX to ATH, But This DeFi…

10 hours ago