Finally, an anonymous internet hacker launched a sudden large-scale security attack, during which he scanned the Internet globally randomly, in search of computers and Internet of Things objects connected to the network, which have weaknesses and are not well secured, where he managed within two months to penetrate 515 thousand computers Server and device, obtaining all its sensitive data, foremost of which are passwords and digital addresses, and placing them in an indexed and classified list, then publishing the complete list a few days ago on one of the famous hacker forums, which made the devices listed in the list vulnerable to tampering, destruction, manipulation and remote control by Thousands of other pirates around the world.
Several technical websites discussed available information about the new attack, explaining that the hacked devices include maid and personal computers, Internet devices and things linked to surveillance cameras in homes, as well as production equipment inside factories and commercial and governmental institutions, in addition to washers, refrigerators, televisions and cameras, in addition to cars and working equipment On the roads and routers of some institutions.
None of the reports published by those sites mentioned information about the identity of the pirate or the place of publishing the list, or the identity of the victims whose computers and devices were penetrated, as this is in violation of the laws, and so that the list circulation list does not widen and the risks associated with it deepen.
Information security analysts at the network «ZDNet» specialized in technology were the first to uncover that sudden attack in a report they published yesterday, and they quoted experts who described them as “professionals with confidence in information security” that the published list includes sensitive data for the hacked devices, including the address Digital, password, and user name, and the Telnet protocol password for remote access for each device, which can be used to control devices over the Internet.
According to the experts that ZDNet spoke to, and a statement published by the pirate himself, the list was compiled by scanning the entire internet over the past October and November, searching for any device connected to the World Wide Web, and its Telnet port is exposed and not Insured, or has a weak point.
And experts said that once a hacker stumbles in a device of this type, he attacks it with software of the type “IOT Pot Net”, or “robots” of the Internet software that attacks the Internet devices of things, and the associated servers and personal computers, and then these “robots” »The software accesses sensitive data, whether it is factory default usernames and passwords, or private passwords that are easy to guess.
The experts pointed out that historically this is one of the well-known methods of launching attacks using "software robots", whether for Internet of Things devices or others. Usually, the pirate's success is due to the lack of awareness of the users, and their indulgence in controlling the security settings of their servers, and their devices connected to the Internet, whether Leave it with passwords set by default during manufacture, or with easy passwords.
They added that, most of the time, pirates prepare these lists and put them up for sale via hacking forums and black web sites, so that other pirates can buy them, access them immediately, and plant their malware to be under their control at any time, then they use them to launch other security attacks. Most prominent and most common denial of service attacks, or "de-dos".
Cairo À Emirates today
Information security experts pointed out that the sudden new attack, called "bot lists", meaning sensitive data lists collected by "robots" software, a type of attack that appeared and increased with the expansion in the use of IoT devices in recent years. According to estimates by the International Gartner Foundation for Information and Communication Technology Market Research, the number of Internet devices for things connected to the Internet amounted to 6.4 billion devices by 2016, while it is expected to reach 20 billion devices during the current year, an amazing number that greatly expands the field for pirates. And lures them to always conduct random surveys of the Internet, in search of devices that are less active, secure, and more vulnerable, known historically as "zombies" or dead live devices on the Internet.