A hacker posted a trove of Telnet credentials for more than 515,000 servers, IoT devices and routers on a hacking forum. The leaked lists, dated October and November of last year, were published by someone who runs a DDoS-for-hire service and include usernames, passwords and IP addresses, according to a report by ZDNet. The hacker, the report said, scanned the internet to find devices with exposed Telnet ports then ran factory-set credentials and as well as custom password combinations to build bot lists that let hackers access the devices and install malware.
Source: SC Magazine