【史上规模最大黑客攻击显示,密码12345、password最常用】

【史上规模最大黑客攻击显示,密码12345、password最常用】僵尸网络“Mirai”通过61个常用用户名和密码组合攻击了全球成千上万台设备,通过黑客公布的数据显示,大多数家庭的设备密码是默认密码,12345、password最多。僵尸网络的作者已发布源代码,并说明配置和设置,类似的威胁可能会很快上升。

Passwords used in the biggest ever cyberattack revealed - and '12345' and 'password' were top

From routers to DVRs, default passwords are found widely among household devices – and these credentials were used to carry out what’s been called the largest DDoS attack on record.

It has been revealed that the Mirai botnet, one of two networks involved in the recent cyberattacks, used 61 username and password combinations to attempt ‘brute-force’ hacks into thousands of devices around the world.

And, the botnet’s author has released the source code along with instructions for its configuration and set-up, meaning similar threats may soon be on the rise, according to CSO.

The Mirai botnet, one of two networks involved in the recent cyberattacks, used 61 username and password combinations to attempt ‘brute-force’ hacks into thousands of devices around the world. Examples include 'admin' and '1234'

Mirai is powered by Internet of Things technology and had connected to nearly 400,000 devices from telnet scanning at its peak.

A look at the list of passwords from the botnet's source code may strike an alarmingly familiar chord; examples include ‘password,’ ‘1234,’ ‘admin,’ and ‘guest,’ among many others commonly seen in connected devices.

According to CSO, Mirai uses these 61 unique username-password combinations to attempt access on devices after scanning for telnet.

It needs just a minimum of two servers to carry out attacks, but was run using two VPS accounts, one server for command and control, and three servers for additional load balancing.

Mirai has been linked to a DDoS attack against service provider OVH, and even recently targeted the website of industry expert and former Washington Post writer Brian Kreb.

It is thought the attack was in response to a recent blog post he wrote, exposing hackers who carry out the same kind of attacks for money.

The site, ‘Krebs on Security,’ was kept online following the massive attack, and Mirai’s connected devices subsequently shrank to roughly 300,000, but the incident has not been taken lightly.

On Sept 21, Krebs tweeted ‘Someone has botnets with capabilities we haven’t seen before.’

The attack is said to to have been twice as big as any the security team had previously seen.

According to a blog post written by Mr Krebs, the website 'was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline.

'The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my site from such digital sieges,' Mr Krebs said.

It began around 8 PM ET that Tuesday (1 AM Wednesday BST), and initial reports put it at approximately 665 Gigabits of traffic per second bombarding the site.

Martin McKeay, a senior security advocate at Akamai, said the largest attack the company had seen ever seen before, which was earlier this year, was 363 Gbps.

According to the company, the way the attack was carried out was unusual.

The biggest chunk of the attack came in the form of traffic designed to look like it was generic routing encapsulation (GRE) data packets.

This is a kind of communication protocol used to establish a direct connection between networks.

'Seeing that much attack coming from GRE is really unusual,' Mr McKeay said.

'We've only started seeing that recently, but seeing it at this volume is very new.'

'Someone has a botnet with capabilities we haven't seen before,' McKeay said.

'We looked at the traffic coming from the attacking systems, and they weren't just from one region of the world or from a small subset of networks — they were everywhere.'

Some evidence suggest the attack was launched with the help of a botnet that has enslaved a large number of hacked so-called 'Internet of Things,' (IoT) devices.

These could be routers, IP cameras and digital video recorders (DVRs) that are exposed to the internet.

The other question is why this particular site was targeted.

'Many readers have been asking whether this attack was in retaliation for my recent series on the takedown of the DDoS-for-hire service vDOS,' Mr Krebs wrote.

'Which coincided with the arrests of two young men named in my original report as founders of the service.'

Soon after the article was published, Israeli police arrested the two men named by Mr Krebs. Released on bail, the pair were barred from using the net for 30 days.

'I can’t say for sure, but it seems likely related,' Mr Krebs added.

链接:http://www.dailymail.co.uk/sciencetech/article-3825740/Passwords-used-biggest-DDoS-attack-revealed-12345-password-top.html


Comments are closed.



无觅相关文章插件