Analysis of C&C–server that was used for the attacks on diplomatic organization, allowed IS-experts investigate…
Traps were active for two hours in the evening of September 25, 2019.
Potential attackers scanned more than 500 traps 561,003 times in two hours. Trap servers were located in Mexico, France, Germany, South Korea, Australia, the UK, Japan, Russia, Spain, Ireland, Singapore, the United States and India.
When setting up the traps, Avast researchers selected typical connected devices with open ports, so that attackers would believe that they were connecting to real routers, televisions, webcams, and so on.
Read also: Report on the quantum superiority of the Google processor leaked to the Web
Avast traps were specially endowed with open ports, such as TCP: 23 (telnet protocol), TCP: 22 (ssh protocol), TCP: 80 (http protocol).
Most often, the attackers scanned three ports: port 8088, which is usually found in streaming devices and smart speakers, and Telnet 22 and SSH 23 ports, which are often present in routers. According to Avast research, streaming devices are in the top 5 most vulnerable in the house, and two-thirds of routers have weak credentials or software vulnerabilities. The three main countries from which the attacks came were the United States, the Netherlands, and Japan.
“Most people do not attach much importance to the vulnerabilities of home devices – smart speakers, televisions or light bulbs – because they believe that they cannot become the target of cybercriminals. We have already seen hundreds of thousands of connected devices used as part of a botnet for DDoS attacks on popular sites and routers or for crypto mining. For many, it probably doesn’t matter if their devices are used to attack other people, but they should know that they can also be the target of hackers”, – said Michal Salat, director of Avast’s threat analysis department.
An attacker needs only one hacked device to take control of the entire home network. By collecting information about the house, an attacker could endanger both the confidentiality of the owners’ data and their physical safety.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…