Home routers and IoT devices are frequent targets for hackers because, once compromised, they can be assembled into huge botnets used to launch attacks.
Infecting these routers and IoT devices is actually very simple. Most devices either still have the preset factory password, which the user never changed, or are protected by a weak password. For example, a hacker recently published the passwords of 510,000 servers, routers, and IoT devices. Anyone can use these passwords to take control of those servers, routers, and IoT devices.
The hacker sold a DDoS service on the underground black market, taking payment to help certain companies attack competitors’ websites or services. Originally, such attacks relied mainly on huge botnets composed of routers and IoT devices, which can launch higher-traffic attacks. However, the hacker has since leased a large number of high-performance cloud servers to launch attacks instead, in order to improve the quality of service. So the hacker made an incredible decision: to directly publish the management passwords of more than 500,000 devices so that anyone can control them.
ZDNet contacted a security expert and the hacker himself after learning of the incident. After some verification, the data was confirmed to be valid. The hacker said that the password data was obtained mainly through automated scanning. Most importantly, the default password on many of the devices had never been changed.
Hackers also try combinations of common passwords, such as dictionary lists. Because many devices use common or weak passwords, they too are found by scanning and successfully infected. The published data will definitely attract other hackers who want to infect routers and similar devices directly, which can expand the number of zombies in the botnets those hackers build.