Attackers are increasingly hacking smart devices in homes. They find weaknesses, guess passwords, download malware, and turn gadgets into part of a large network controlled by hackers. This was stated by Nikolai Fomin, Technical Director of the IoT direction at MTS. He noted that most botnets are located in the USA, Taiwan, Vietnam, Brazil, Hong Kong, and Turkey.
Attackers gain access to smart devices and generate fake clicks, distorting advertising and degrading the quality of targeting and personalization. Their main target is standard factory security settings or outdated software versions.
They find a weak spot, guess the password — the factory one or the one you set yourself — or exploit known bugs. After the hack, the attackers download malware, turning the device into part of a botnet — a network of controlled devices.
Currently, for example, there is high activity of new botnets, such as Androxgh0st and Raptor Train, which target vulnerabilities in Internet of Things devices, especially IP cameras.
Infected devices start executing commands without the owner's knowledge. For example, they can send requests to advertising sites to increase the number of clicks, or launch DDoS attacks, overloading servers. At the same time, the user does not notice anything, because the device works as usual.
Every owner of IoT devices can become a victim of fraud and lose control over their equipment and personal data.
When buying smart devices for an apartment, users often neglect equipment settings, leaving default accounts and standard factory passwords, and do not update firmware.
The expert advises choosing reliable manufacturers. They thoroughly test their devices and fix software bugs. You should also change the device password to a strong, unique one and update the firmware at least once a year to protect the device from vulnerabilities.
Earlier, hackers found a weak spot in the protection of routers that provide access to Wi-Fi. This allowed them to spy on private networks, intercept personal data and user information.
Read more on the topic:
The longest DDoS attack in 2024 lasted more than four days
T-Bank Implemented a Domestic Authentication System Safetech Instead of Microsoft Keys
The Central Bank Warned Russians About a New Type of Fraud
The Russian Region with the Highest Level of IT Crime Has Been Named
Data Leaks in Russia in 2024: Information Availability Devalues Stolen Databases
