The hacker Subby has taken control of 29 IoT botnets by exploiting weak or default credentials. Ankit Anubhav, a security researcher at NewSky Security, said the IoT botnets use extremely simple credentials.
In an interview with Anubhav, Subby said that most of the IoT botnets he broke into were set up by script kiddies following online tutorials. A large percentage of botnet operators learn to set up botnets from tutorials in the community or on YouTube. Operators who follow a tutorial generally leave the default credentials unchanged. Even when the credentials are changed, the password is usually weak and therefore vulnerable to brute-force attacks.
Subby said he controlled more than 40,000 devices in just one week, but after removing duplicates, the actual count was a meager 25,000. His initial intrusion into IoT botnets was just to test how efficient brute-force attacks on C2 management panels are for building botnets. It turns out that an IoT botnet is very easy to build and can be used for many malicious activities.