Hackers want to hijack smart home devices to create large botnets and use them, for example, to launch powerful DDoS attacks. I
According to a new report by Kaspersky, the number of attacks against smart home devices increased sevenfold compared to the same period last year.
In the first half of 2018, Kaspersky tracked 12 million attacks, originating from 69,000 unique IP addresses. A year later, the same company tracked 105 million attacks, coming from 276,000 IP addresses.
Kaspersky claims the attacks aren’t sophisticated, and they’re rarely done to destroy the device. Instead, hackers are trying extra hard not to be noticed, so the users may not even realise their devices are being exploited. Most of the times, hackers employ Mirai to build the botnet. Other notable mentions are Nyadrop and Gafgyt.
Sources of infection mostly originate from China, but Brazil, Egypt and Japan are also on the list.
“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the enlarged number of attacks and criminals’ persistency, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations. This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices” – said Dan Demeter, security researcher at Kaspersky Lab.