Hacker leaks extensive list of Telnet credentials


A hacker had published an extensive list of Telnet credentials, consisting of leaked passwords for more than 500,000 servers, routers and IoT devices, including IP addresses, along with the usernames and passwords for the Telnet service.

Clement Lee, Principal Consulting Architect, Asia Pacific, Check Point Software Technologies provided, “Servers, Network Routers and IoT devices are commonly accessible from publicly accessible networks (i.e. Mall/Cafe WiFi) and/or the internet. WiFi is inherently insecure and therefore, so is your home network. Allowing easy access to such resources exposes businesses and private citizens to all sorts of malicious (even criminal) activities and may even subject them to legal liabilities. Even if the hackers are not interested in your personal/business’ private data, you can become an unwitting resource in the participation of a wide scale, coordinated attack against targeted entities.

When you introduce any component into your network (home or business), ensure that any sort of administrative function to the device MUST HAVE access control credentials and that they are NOT left as its default. Make it a point to change your WiFi password and check with the device manufacturer for firmware updates, every six months. Don’t be unwitting participants to cybercrime.

At this point in time, IoT device manufacturers have very little incentive to invest significant attention to security. This is especially true when the cost of consumer electronics keeps dropping and manufacturers are struggling to keep their margins to keep themselves competitive. Unfortunately, until there is legislation and/or market demands that would impact manufacturer’s bottom lines, I highly doubt that there will be any progression in IoT security.”