Kaspersky Lab: IoT attacks in Q2 2018

Kaspersky Lab: IoT attacks in Q2 2018

Kaspersky Lab has released IoT attack data for the second quarter of 2018.

Brute-forcing Telnet passwords is the most common method of IoT malware self-propagating. However, there has been a recent increase in attacks targeting other services, such as port 8291 and port 7547, to target IoT devices.

This shows that the nature of IoT attacks has become more complex, especially when it comes to vulnerabilities.

Telnet Attack

The attacker finds the victim device, checks if its Telnet port is open, and starts a password brute force cracking routine. Since many IoT device manufacturers neglect security, this attack becomes easier to succeed and can affect entire device lines. The infected device starts scanning new networks and infects new similar devices or workstations within them.

Top 10 countries where IoT devices are most vulnerable to Telnet attacks

In the second quarter, Brazil (23.38%) led in the number of infected IoT devices and therefore also in the number of Telnet attacks, followed by China (17.22%), which rose slightly, and third was Japan (8.64%).

The most common malware in these attacks was Backdoor.Linux.Mirai.c (15.97%).

SSH Attacks

The launch of such attacks is similar to Telnet attacks, the only difference being that they require a robot to have an SSH client installed on it to brute-force the credentials. The SSH protocol is password protected, so brute-forcing the password requires a lot of computing resources. Therefore, self-propagation from IoT devices is inefficient. The success of SSH attacks depends on the fault of the device owner or manufacturer. In other words, these are again the result of weak or preset passwords assigned by the manufacturer to the entire device family. China is the country most likely to be infected via SSH attacks.


<<:  Creating the future with data T11 2018 explores the development of new smart cities

>>:  Will the mobile phone manufacturers’ launch of customized VR glasses be a hit?

Recommend

DEVIALET MANIA - A breakthrough in high-fidelity portable audio experience

Devialet's expert engineering team brings its...

SOP for high conversion, traffic generation and promotion courses!

The underlying logic of the traffic-generating co...

How SEO Got My App 150,000 Downloads

After reading this article, I have a question: th...

The whole process of user growth fission of "old bring new"

Without users, there is no revenue. In an era of ...

What exactly is Momo?

You will look for it everywhere only when you rea...

iQIYI Product Analysis Report

Based on the conclusions drawn from the previous ...

Don’t like bitterness? Let the machine “taste” for you first

Produced by: Science Popularization China Author:...

5 common methods of e-sports marketing!

EDG is the champion! In the League of Legends S11...