Avira honeypot discovers the most insecure password combination



When looking for new threats for smart devices, an Avira honeypot found an even less secure password than "admin" or "12345".

"The most commonly used credentials are empty, which means that the attackers enter only an empty user name and a blank password. This is even more common than with administrators, "said Avira threat analyst Hamidreza Ebtehaj in a blog post.

In this case, the credentials are a two-part username / password combination that hackers enter into the company's smart device honeypot during an attack. Blank or blank credential attacks accounted for 25.6 percent of all login credentials and far surpassed other username and password combinations.

The blank credentials even outperformed other standard IoT credentials such as admin / QWestModem and admin / airlive (24%), as well as the collection of common standard credentials (23.4%) such as admin / admin, support / support, and "admin / admin". root / root ".

Avira's research also revealed that the main credential pairs are "root / xc3511" and "default / S2fGqNFs" because they belong to two web-connected webcams available under different names.

Security for smart devices

Avira's Honeypot mimics the features and behavior of connected devices such as routers and intelligent IoT devices to include hackers. Because Honeypot is visible and seemingly vulnerable online, it uses the Telnet, Secure Shell, and Android Debug Bridge protocols, which are most commonly used for smart devices.

Smart device attacks consist of two largely automated phases. In the first phase, a destination is selected and this is done by IP / port scanning. The second phase is when the hackers are working to infect the identified device, and here the honey pot from Avira plays a crucial role. In addition to recording the credentials used by hackers during the attack, the honeypot also collects data on infection vectors, malicious scripts, and malware.

READ  Best indie games 2019 | Trustedreviews

While smart devices are often criticized for their insecurity and the fact that many users are not changing their default passwords, Hamidreza states that much of the blame lies with device manufacturers and developers:

"Frequently used users do not know these protocols and do not even know that hackers can access their devices. We can not expect users to log in to a terminal and change the configuration of the logs they have not even heard of. "

To avoid falling victim to an attack on smart devices, Avira recommends searching online for potential security vulnerabilities, checking for firmware updates, fixing known security vulnerabilities or issues, and scanning your network for possible open ports before purchasing a device Invite hackers.

Spread the good stuff:
This post contains affiliate links, to find out more information, please read our disclaimer.
The price written on this page is true as the time it is written. It may change at any moment.

Related Posts