The source code that powers the “Internet of Things” (IoT) botnet “Mirai” responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released.
“Mirai” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords.
The username password combo: ROOT/DREAMBOX is in the source code!
In all, there are 68 username and password pairs in the botnet source code.
Please change your password and check for other devices that might be effected/infected.
More info on KrebsonSecurity : https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/
Some one (please) make this a sticky!
And i urge VU and all image makers to help change this bad habit of keeping the hardcoded password.
Changing the password should be in the "set up" like changing the language...
“Mirai” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords.
The username password combo: ROOT/DREAMBOX is in the source code!
In all, there are 68 username and password pairs in the botnet source code.
Please change your password and check for other devices that might be effected/infected.
More info on KrebsonSecurity : https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/
Some one (please) make this a sticky!
And i urge VU and all image makers to help change this bad habit of keeping the hardcoded password.
Changing the password should be in the "set up" like changing the language...