Someone Published a List of Telnet Credentials for IoT Devices [source : bleepingcomputer]
by CIRT Team
A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons.
The list — spotted by Ankit Anubhav, a security researcher with New Sky Security — includes an IP address, device username, and a password, and is mainly made up of default device credentials in the form of “admin:admin”, “root:root”, and other formats. The Pastebin list includes 143 credential combos, including the 60 admin-password combos from the Mirai Telnet scanner.
There are 33,138 entries on the list, which recently became viral on Twitter after several high-profile security experts retweeted a link to it. When we took the screenshot below, the list had been viewed 11,000 times, but now, the list view counter is at 22,000+.
For more, click here.