Your browser is obsolete!

The page may not load correctly.

Kids’ web 2.0

Детки в сетке

Other issues in this category (8)
  • add to favourites
    Add to Bookmarks

Inexperienced hackers

Read: 22421 Comments: 3 Rating: 8

Tuesday, May 21, 2019

A hacker going by the alias Subby compromised the command and control (C&C) servers responsible for maintaining the operation of 29 IoT botnets.

Source

How did he do that? By mounting brute-force attacks.

Ankit Anubhav, a security researcher at NewSky Security, described the attacks in detail in his blog. According to the researcher, the criminals behind the botnet were using such common credentials as root:root, admin:admin and oof:oof. To illustrate his point, the security expert drew up a table containing the list of C&C servers, their respective botnets, and the login-password combinations that the criminals used to access the control panel.

#drweb

Source

Root:root, root:scool, and other combinations aren't exactly a shining example of strength and originality. And it's not even about hackers getting lazy. More often than not, it is low-skilled criminals who prey upon law-abiding citizens.

According to Subby, script kiddies were behind most of the C&C servers. To herd devices into a botnet, they used publicly available manuals that anyone can find on the Internet.

So the conclusion is pretty obvious. The success of most attacks comes down to our laziness and lack of computer literacy. Too lazy to come up with a strong password, too lazy to use a different password for the anti-virus settings, and too lazy to update the system in a timely manner and reboot it whenever prompted to do so.

#virus_maker #password

The Anti-virus Times recommends

Well, if pros want to hack into your system, they will probably succeed. However, in most cases attacks are mounted by amateurs armed with online guides that anyone can find on the Web. Follow the basic security recommendations that we keep putting forward in our posts, and you will enjoy a safe and worry-free experience online!

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments

Comments to other issues | My comments