{"id":2280,"date":"2017-09-12T10:34:25","date_gmt":"2017-09-12T13:34:25","guid":{"rendered":"https:\/\/www.nachodelatorre.com.ar\/mosconi\/?p=2280"},"modified":"2017-09-12T10:34:25","modified_gmt":"2017-09-12T13:34:25","slug":"masivo-exploit-iot-mas-de-1-700-credenciales-telnet-validas-para-dispositivos-iot-filtrados-en-linea","status":"publish","type":"post","link":"https:\/\/www.fie.undef.edu.ar\/ceptm\/?p=2280","title":{"rendered":"Masivo Exploit IoT: M\u00e1s de 1.700 credenciales Telnet v\u00e1lidas para dispositivos IoT filtrados en l\u00ednea"},"content":{"rendered":"<p>Investigadores de seguridad advierten de la disponibilidad en l\u00ednea de una lista de dispositivos IoT y credenciales de telnet asociadas.<!--more--><\/p>\n<p><strong>Security researchers are warning of the availability online of a list of IoT devices and associated telnet credentials.<\/strong><\/p>\n<p>The list has been available on Pastebin since June, but last week it was also shared via Twitter by the researcher Ankit Anubhav becoming rapidly viral.<\/p>\n<p>The original list\u00a0<a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/08\/leak-of-1700-valid-passwords-could-make-the-iot-mess-much-worse\/\">was posted<\/a>\u00a0by someone who has previously published a dump of valid log-in credentials and also the source code of a botnet.<\/p>\n<div class=\"SandboxRoot env-bp-350\" data-twitter-event-id=\"0\">\n<div id=\"twitter-widget-3\" class=\"EmbeddedTweet EmbeddedTweet--edge EmbeddedTweet--mediaForward media-forward js-clickToOpenTarget js-tweetIdInfo tweet-InformationCircle-widgetParent\" lang=\"en\" data-click-to-open-target=\"https:\/\/twitter.com\/ankit_anubhav\/status\/900803406914347008\" data-iframe-title=\"Twitter Tweet\" data-dt-full=\"%{hours12}:%{minutes} %{amPm} - %{day} %{month} %{year}\" data-dt-explicit-timestamp=\"4:34 PM - Aug 24, 2017\" data-dt-months=\"Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec\" data-dt-am=\"AM\" data-dt-pm=\"PM\" data-dt-now=\"now\" data-dt-s=\"s\" data-dt-m=\"m\" data-dt-h=\"h\" data-dt-second=\"second\" data-dt-seconds=\"seconds\" data-dt-minute=\"minute\" data-dt-minutes=\"minutes\" data-dt-hour=\"hour\" data-dt-hours=\"hours\" data-dt-abbr=\"%{number}%{symbol}\" data-dt-short=\"%{day} %{month}\" data-dt-long=\"%{day} %{month} %{year}\" data-scribe=\"page:tweet\" data-tweet-id=\"900803406914347008\" data-twitter-event-id=\"4\">\n<article class=\"MediaCard\n           MediaCard--mediaForward\n\n           customisable-border\" dir=\"ltr\" data-scribe=\"component:card\"><\/p>\n<div class=\"MediaCard-media\"><a class=\"MediaCard-borderOverlay\" tabindex=\"-1\" title=\"View image on Twitter\" href=\"https:\/\/twitter.com\/ankit_anubhav\/status\/900803406914347008\/photo\/1\"><span class=\"u-hiddenVisually\">View image on Twitter<\/span><\/a><\/p>\n<div class=\"MediaCard-widthConstraint js-cspForcedStyle\" data-style=\"max-width: 624px\">\n<div class=\"MediaCard-mediaContainer js-cspForcedStyle\" data-style=\"padding-bottom: 128.1729%\"><a class=\"MediaCard-mediaAsset\n                    NaturalImage\n\" href=\"https:\/\/twitter.com\/ankit_anubhav\/status\/900803406914347008\/photo\/1\" data-scribe=\"element:photo\"><img loading=\"lazy\" class=\"NaturalImage-image\" title=\"View image on Twitter\" src=\"https:\/\/pbs.twimg.com\/media\/DIBL6DpXsAQ1Pkp.jpg:large\" alt=\"View image on Twitter\" width=\"717\" height=\"919\" data-srcset=\"https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIBL6DpXsAQ1Pkp.jpg%3Alarge 717w,https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIBL6DpXsAQ1Pkp.jpg 717w,https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIBL6DpXsAQ1Pkp.jpg%3Asmall 531w\" \/><\/a><\/div>\n<\/div>\n<\/div>\n<\/article>\n<div class=\"EmbeddedTweet-tweet\">\n<blockquote class=\"Tweet h-entry js-tweetIdInfo subject expanded \n<p>                    is-deciderHtmlWhitespace\" cite=\"https:\/\/twitter.com\/ankit_anubhav\/status\/900803406914347008\" data-tweet-id=\"900803406914347008\" data-scribe=\"section:subject\"><\/p>\n<div class=\"Tweet-header u-cf\">\n<div class=\"Tweet-brand u-floatRight\">\n<div class=\"Icon Icon--twitter \" title=\"\"><\/div>\n<p><span class=\"u-hiddenInNarrowEnv\"><a class=\"FollowButton FollowButton--edge follow-button profile\" title=\"Follow Ankit Anubhav on Twitter\" href=\"https:\/\/twitter.com\/ankit_anubhav\" data-scribe=\"component:followbutton\">\u00a0Follow<\/a><\/span><\/div>\n<div class=\"TweetAuthor \" data-scribe=\"component:author\"><a class=\"TweetAuthor-link Identity u-linkBlend\" href=\"https:\/\/twitter.com\/ankit_anubhav\" data-scribe=\"element:user_link\"><span class=\"TweetAuthor-avatar Identity-avatar\"><img class=\"Avatar Avatar--edge\" src=\"https:\/\/pbs.twimg.com\/profile_images\/846398147303661568\/UTNwLJ1C_normal.jpg\" alt=\"\" data-scribe=\"element:avatar\" data-src-2x=\"https:\/\/pbs.twimg.com\/profile_images\/846398147303661568\/UTNwLJ1C_bigger.jpg\" data-src-1x=\"https:\/\/pbs.twimg.com\/profile_images\/846398147303661568\/UTNwLJ1C_normal.jpg\" \/><\/span><span class=\"TweetAuthor-name Identity-name customisable-highlight\" title=\"Ankit Anubhav\" data-scribe=\"element:name\">Ankit Anubhav<\/span>\u00a0<span class=\"TweetAuthor-screenName Identity-screenName\" dir=\"ltr\" title=\"@ankit_anubhav\" data-scribe=\"element:screen_name\">@ankit_anubhav<\/span><\/a><\/div>\n<\/div>\n<div class=\"Tweet-body e-entry-content\" data-scribe=\"component:tweet\">\n<p class=\"Tweet-text e-entry-title\" dir=\"ltr\" lang=\"en\">33000+ telnet credentials of IoT devices exposed on pastebin.<br \/>\nLink :\u00a0<a class=\"link customisable\" dir=\"ltr\" title=\"https:\/\/pastebin.com\/p5teudX0\" href=\"https:\/\/t.co\/v5uGw4Llsv\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-expanded-url=\"https:\/\/pastebin.com\/p5teudX0\" data-scribe=\"element:url\"><span class=\"u-hiddenVisually\">https:\/\/<\/span>pastebin.com\/p5teudX0<span class=\"u-hiddenVisually\">\u00a0<\/span><\/a>\u00a0<a class=\"PrettyLink hashtag customisable\" dir=\"ltr\" href=\"https:\/\/twitter.com\/hashtag\/iot?src=hash\" rel=\"tag\" data-query-source=\"hashtag_click\" data-scribe=\"element:hashtag\"><span class=\"PrettyLink-prefix\">#<\/span><span class=\"PrettyLink-value\">iot<\/span><\/a>\u00a0<a class=\"PrettyLink hashtag customisable\" dir=\"ltr\" href=\"https:\/\/twitter.com\/hashtag\/hacking?src=hash\" rel=\"tag\" data-query-source=\"hashtag_click\" data-scribe=\"element:hashtag\"><span class=\"PrettyLink-prefix\">#<\/span><span class=\"PrettyLink-value\">hacking<\/span><\/a>\u00a0<a class=\"PrettyLink hashtag customisable\" dir=\"ltr\" href=\"https:\/\/twitter.com\/hashtag\/malware?src=hash\" rel=\"tag\" data-query-source=\"hashtag_click\" data-scribe=\"element:hashtag\"><span class=\"PrettyLink-prefix\">#<\/span><span class=\"PrettyLink-value\">malware<\/span><\/a>\u00a0<a class=\"PrettyLink hashtag customisable\" dir=\"ltr\" href=\"https:\/\/twitter.com\/hashtag\/infosec?src=hash\" rel=\"tag\" data-query-source=\"hashtag_click\" data-scribe=\"element:hashtag\"><span class=\"PrettyLink-prefix\">#<\/span><span class=\"PrettyLink-value\">infosec<\/span><\/a><a class=\"PrettyLink profile customisable h-card\" dir=\"ltr\" href=\"https:\/\/twitter.com\/newskysecurity\" data-mentioned-user-id=\"4729509836\" data-scribe=\"element:mention\"><span class=\"PrettyLink-prefix\">@<\/span><span class=\"PrettyLink-value\">newskysecurity<\/span><\/a><\/p>\n<div class=\"Tweet-metadata dateline\"><a class=\"u-linkBlend u-url customisable-highlight long-permalink\" href=\"https:\/\/twitter.com\/ankit_anubhav\/status\/900803406914347008\" data-datetime=\"2017-08-24T19:34:02+0000\" data-scribe=\"element:full_timestamp\"><time class=\"dt-updated\" title=\"Time posted: August 24, 2017 19:34:02 (UTC)\" datetime=\"2017-08-24T19:34:02+0000\">4:34 PM &#8211; Aug 24, 2017<\/time><\/a><\/div>\n<ul class=\"Tweet-actions\" data-scribe=\"component:actions\">\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--reply TweetAction-icon Icon--replyEdge\" title=\"Reply\"><\/div>\n<p><a class=\"TweetAction TweetAction--replyEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/tweet?in_reply_to=900803406914347008\" data-scribe=\"element:reply\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:reply_count\">16<\/span><span class=\"u-hiddenVisually\">16 Replies<\/span><\/a><\/li>\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--retweet TweetAction-icon Icon--retweetEdge\" title=\"Retweet\"><\/div>\n<p><a class=\"TweetAction TweetAction--retweetEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/retweet?tweet_id=900803406914347008\" data-scribe=\"element:retweet\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:retweet_count\">494<\/span><span class=\"u-hiddenVisually\">494 Retweets<\/span><\/a><\/li>\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--heart TweetAction-icon Icon--heartEdge\" title=\"Like\"><\/div>\n<p><a class=\"TweetAction TweetAction--heartEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/like?tweet_id=900803406914347008\" data-scribe=\"element:heart\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:heart_count\">460<\/span><span class=\"u-hiddenVisually\">460 likes<\/span><\/a><\/li>\n<\/ul>\n<\/div>\n<\/blockquote>\n<\/div>\n<div class=\"tweet-InformationCircle--top tweet-InformationCircle--topEdge tweet-InformationCircle\" data-scribe=\"element:notice\"><a class=\"Icon Icon--informationCircleWhite js-privacyNotice\" title=\"Twitter Ads info and privacy\" href=\"https:\/\/support.twitter.com\/articles\/20175256\"><span class=\"u-hiddenVisually\">Twitter Ads info and privacy<\/span><\/a><\/div>\n<\/div>\n<div class=\"resize-sensor\"><\/div>\n<\/div>\n<p>It is a gift for hackers, more than 1,700 IoT devices could easily take over and recruit them part of a botnet that could be used to power a DDoS attack.<\/p>\n<p>The list has more than 22,000\u00a0views as of Saturday afternoon, while only 1,000 users have seen it since last Thursday.<\/p>\n<p>Many IoT devices included in the list have default and well-known credentials (i.e., admin:admin, root:root, or no authentication required).<\/p>\n<p>Top five credentials were:<\/p>\n<ul>\n<li>root:[blank]\u2014782<\/li>\n<li>admin:admin\u2014634<\/li>\n<li>root:root\u2014320<\/li>\n<li>admin:default\u201421<\/li>\n<li>default:[blank]\u201418<\/li>\n<\/ul>\n<p>The popular researcher\u00a0Victor Gevers, the founder of the GDI Foundation, analyzed the list and confirmed it is composed of more than 8200 unique IP addresses, about 2.174 are accessible via Telnet with the leaked credentials.<\/p>\n<div class=\"SandboxRoot env-bp-350\" data-twitter-event-id=\"1\">\n<div id=\"twitter-widget-4\" class=\"EmbeddedTweet EmbeddedTweet--edge js-clickToOpenTarget tweet-InformationCircle-widgetParent\" lang=\"en\" data-click-to-open-target=\"https:\/\/twitter.com\/0xDUDE\/status\/901062772238274561\" data-iframe-title=\"Twitter Tweet\" data-dt-full=\"%{hours12}:%{minutes} %{amPm} - %{day} %{month} %{year}\" data-dt-explicit-timestamp=\"9:44 AM - Aug 25, 2017\" data-dt-months=\"Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec\" data-dt-am=\"AM\" data-dt-pm=\"PM\" data-dt-now=\"now\" data-dt-s=\"s\" data-dt-m=\"m\" data-dt-h=\"h\" data-dt-second=\"second\" data-dt-seconds=\"seconds\" data-dt-minute=\"minute\" data-dt-minutes=\"minutes\" data-dt-hour=\"hour\" data-dt-hours=\"hours\" data-dt-abbr=\"%{number}%{symbol}\" data-dt-short=\"%{day} %{month}\" data-dt-long=\"%{day} %{month} %{year}\" data-scribe=\"page:tweet\" data-twitter-event-id=\"3\">\n<div class=\"EmbeddedTweet-ancestor\" data-scribe=\"section:conversation\">\n<blockquote class=\"Tweet Tweet--compact h-entry reply js-tweetIdInfo \n<p>                    is-deciderHtmlWhitespace\" cite=\"https:\/\/twitter.com\/0xDUDE\/status\/900827799912673280\" data-tweet-id=\"900827799912673280\"><\/p>\n<div class=\"Tweet-header u-cf\">\n<div class=\"Tweet-metadata u-floatRight\"><a class=\"u-linkBlend u-url permalink customisable-highlight\" href=\"https:\/\/twitter.com\/0xDUDE\/status\/900827799912673280\" data-scribe=\"element:mini_timestamp\"><time class=\"dt-updated\" title=\"Time posted: August 24, 2017 21:10:58 (UTC)\" datetime=\"2017-08-24T21:10:58+0000\">24 Aug<\/time><\/a><\/div>\n<div class=\"TweetAuthor TweetAuthor--oneLine\" data-scribe=\"component:author\"><a class=\"TweetAuthor-link Identity u-linkBlend\" href=\"https:\/\/twitter.com\/0xDUDE\" data-scribe=\"element:user_link\"><span class=\"TweetAuthor-avatar Identity-avatar\"><img class=\"Avatar Avatar--edge\" src=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_normal.jpg\" alt=\"\" data-scribe=\"element:avatar\" data-src-2x=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_bigger.jpg\" data-src-1x=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_normal.jpg\" \/><\/span><span class=\"TweetAuthor-name Identity-name customisable-highlight\" title=\"Victor Gevers\" data-scribe=\"element:name\">Victor Gevers<\/span>\u00a0<span class=\"TweetAuthor-screenName Identity-screenName\" dir=\"ltr\" title=\"@0xDUDE\" data-scribe=\"element:screen_name\">@0xDUDE<\/span><\/a><\/div>\n<\/div>\n<div class=\"Tweet-inReplyTo\"><a class=\"u-linkBlend\" href=\"https:\/\/twitter.com\/_\/status\/900805699009224704\" data-scribe=\"element:in_reply_to_user_link\">Replying to @rayjwatson<\/a><\/div>\n<div class=\"Tweet-body e-entry-content\" data-scribe=\"component:tweet\">\n<p class=\"Tweet-text e-entry-title\" dir=\"ltr\" lang=\"en\">Actually I see only 8,233 unique IP addresses in this dump?\u00a0<a class=\"PrettyLink link media customisable\" dir=\"ltr\" href=\"https:\/\/t.co\/Uydz0366Z3\" data-pre-embedded=\"true\" data-scribe=\"\">pic.twitter.com\/Uydz0366Z3<\/a><\/p>\n<\/div>\n<\/blockquote>\n<\/div>\n<div class=\"EmbeddedTweet-tweet\">\n<blockquote class=\"Tweet h-entry js-tweetIdInfo subject expanded \n<p>                    is-deciderHtmlWhitespace\" cite=\"https:\/\/twitter.com\/0xDUDE\/status\/901062772238274561\" data-tweet-id=\"901062772238274561\" data-scribe=\"section:subject\"><\/p>\n<div class=\"Tweet-header u-cf\">\n<div class=\"Tweet-brand u-floatRight\">\n<div class=\"Icon Icon--twitter \" title=\"\"><\/div>\n<p><span class=\"u-hiddenInNarrowEnv\"><a class=\"FollowButton FollowButton--edge follow-button profile\" title=\"Follow Victor Gevers on Twitter\" href=\"https:\/\/twitter.com\/0xDUDE\" data-scribe=\"component:followbutton\">\u00a0Follow<\/a><\/span><\/div>\n<div class=\"TweetAuthor \" data-scribe=\"component:author\"><a class=\"TweetAuthor-link Identity u-linkBlend\" href=\"https:\/\/twitter.com\/0xDUDE\" data-scribe=\"element:user_link\"><span class=\"TweetAuthor-avatar Identity-avatar\"><img class=\"Avatar Avatar--edge\" src=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_normal.jpg\" alt=\"\" data-scribe=\"element:avatar\" data-src-2x=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_bigger.jpg\" data-src-1x=\"https:\/\/pbs.twimg.com\/profile_images\/778598641296633857\/84lF1fjF_normal.jpg\" \/><\/span><span class=\"TweetAuthor-name Identity-name customisable-highlight\" title=\"Victor Gevers\" data-scribe=\"element:name\">Victor Gevers<\/span>\u00a0<span class=\"TweetAuthor-screenName Identity-screenName\" dir=\"ltr\" title=\"@0xDUDE\" data-scribe=\"element:screen_name\">@0xDUDE<\/span><\/a><\/div>\n<\/div>\n<div class=\"Tweet-body e-entry-content\" data-scribe=\"component:tweet\">\n<p class=\"Tweet-text e-entry-title\" dir=\"ltr\" lang=\"en\">From the 8,233 hosts about 2,174 are still running an open telnet services and some of them still accessible with the leaked credentials.\u00a0<a class=\"PrettyLink link media customisable\" dir=\"ltr\" href=\"https:\/\/t.co\/umbNhYwAGV\" data-pre-embedded=\"true\" data-scribe=\"\">pic.twitter.com\/umbNhYwAGV<\/a><\/p>\n<div class=\"Tweet-metadata dateline\"><a class=\"u-linkBlend u-url customisable-highlight long-permalink\" href=\"https:\/\/twitter.com\/0xDUDE\/status\/901062772238274561\" data-datetime=\"2017-08-25T12:44:40+0000\" data-scribe=\"element:full_timestamp\"><time class=\"dt-updated\" title=\"Time posted: August 25, 2017 12:44:40 (UTC)\" datetime=\"2017-08-25T12:44:40+0000\">9:44 AM &#8211; Aug 25, 2017<\/time><\/a><\/div>\n<div class=\"Tweet-card\">\n<article class=\"MediaCard\n\n           customisable-border\" dir=\"ltr\" data-scribe=\"component:card\"><\/p>\n<div class=\"MediaCard-media\">\n<div class=\"MediaCard-widthConstraint js-cspForcedStyle\" data-style=\"max-width: 661px\">\n<div class=\"MediaCard-mediaContainer js-cspForcedStyle\" data-style=\"padding-bottom: 61.5734%\"><a class=\"MediaCard-mediaAsset\n                    NaturalImage\nNaturalImage--roundedTop\n                    NaturalImage--roundedBottom\" href=\"https:\/\/twitter.com\/0xDUDE\/status\/901062772238274561\/photo\/1\" data-scribe=\"element:photo\"><img loading=\"lazy\" class=\"NaturalImage-image\" title=\"View image on Twitter\" src=\"https:\/\/pbs.twimg.com\/media\/DIE3t56XUAAaqyE.jpg:small\" alt=\"View image on Twitter\" width=\"661\" height=\"407\" data-srcset=\"https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIE3t56XUAAaqyE.jpg%3Asmall 661w,https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIE3t56XUAAaqyE.jpg%3Alarge 661w,https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDIE3t56XUAAaqyE.jpg 661w\" \/><\/a><\/div>\n<\/div>\n<\/div>\n<\/article>\n<\/div>\n<ul class=\"Tweet-actions\" data-scribe=\"component:actions\">\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--reply TweetAction-icon Icon--replyEdge\" title=\"Reply\"><\/div>\n<p><a class=\"TweetAction TweetAction--replyEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/tweet?in_reply_to=901062772238274561\" data-scribe=\"element:reply\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:reply_count\">5<\/span><span class=\"u-hiddenVisually\">5 Replies<\/span><\/a><\/li>\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--retweet TweetAction-icon Icon--retweetEdge\" title=\"Retweet\"><\/div>\n<p><a class=\"TweetAction TweetAction--retweetEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/retweet?tweet_id=901062772238274561\" data-scribe=\"element:retweet\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:retweet_count\">8<\/span><span class=\"u-hiddenVisually\">8 Retweets<\/span><\/a><\/li>\n<li class=\"Tweet-action\">\n<div class=\"Icon Icon--heart TweetAction-icon Icon--heartEdge\" title=\"Like\"><\/div>\n<p><a class=\"TweetAction TweetAction--heartEdge web-intent\" href=\"https:\/\/twitter.com\/intent\/like?tweet_id=901062772238274561\" data-scribe=\"element:heart\">\u00a0<span class=\"TweetAction-stat\" data-scribe=\"element:heart_count\">11<\/span><span class=\"u-hiddenVisually\">11 likes<\/span><\/a><\/li>\n<\/ul>\n<\/div>\n<\/blockquote>\n<\/div>\n<div class=\"tweet-InformationCircle--bottom tweet-InformationCircle\" data-scribe=\"element:notice\"><a class=\"Icon Icon--informationCircleWhite js-privacyNotice\" title=\"Twitter Ads info and privacy\" href=\"https:\/\/support.twitter.com\/articles\/20175256\"><span class=\"u-hiddenVisually\">Twitter Ads info and privacy<\/span><\/a><\/div>\n<\/div>\n<div class=\"resize-sensor\"><\/div>\n<\/div>\n<p>According to the researchers, most of the reachable IPs (61 percent) were located in China.<\/p>\n<p>The list\u00a0of the 33,000 IP addresses includes many duplicates, it is likely they were already abused by hackers in the wild.<\/p>\n<p>The Pastebin also includes numerous scripts, titled \u201cEasy To Root Kit,\u201d \u201cMirai Bots,\u201d \u201cMirai-CrossCompiler,\u201d \u201cApache Struts 2 RCE Auto-Exploiter v2),\u201d \u201cSlowloris DDoS Attack Script.\u201d<\/p>\n<p><strong>Fuente:<\/strong>\u00a0<em><a href=\"http:\/\/www.cyberdefensemagazine.com\/massive-iot-exploit-more-than-1700-valid-telnet-credentials-for-iot-devices-leaked-online\/\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.cyberdefensemagazine.com<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Investigadores de seguridad advierten de la disponibilidad en l\u00ednea de una lista de dispositivos IoT y credenciales de telnet asociadas.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[23,29],"tags":[],"_links":{"self":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/2280"}],"collection":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2280"}],"version-history":[{"count":0,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/2280\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}