images
 flag  India flag
sub icon

 

 

A Hacker created a worldwide map of more than 100,000 vulnerable devices after “playing around” with a scripting tool. The “Carna” botnet was named after the Roman goddess that protected inner organs because it was “a good choice for a bot that runs mostly on embedded routers.” Carna ran from June to October last year and was allegedly never detected.

Many of the open machines were based on Linux and allowed login with empty or default credentials. Though the project itself is illegal, the anonymous researcher claims the information may be useful for further study.

Hacker Creates Worldwide Map of Vulnerable Devices

The Carna database is available for download and has 9 terabytes. Source: http://internetcensus2012.bitbucket.org/paper.html

“Two years ago while spending some time with the Nmap Scripting Engine (NSE) someone mentioned that we should try the classic telnet login root:root on random IP addresses,” the hacker said. “This was meant as a joke, but was given a try. We started scanning and quickly realized that there should be several thousand unprotected devices on the Internet.”

Though he first talks about collective research, the hacker later admits he was only referring to himself to give depth to the analysis.

“In reality, we is me. I chose we as a form for this documentation because its [sic] nicer to read, and mentioning myself a thousand times just sounded egotistical,” the hacker said. He also claimed he didn’t interfere with the scanned systems, and didn’t change any passwords.

 

“It’s a bit like he walked down the street, writing down each address then trying the doorknob. If it was open, he went in and convinced whoever lived there to join him in his data-collection quest — and soon his army of helpers had mapped the whole world,” NBC News explained.

 



No Replies
Leave a Reply Here
Enter Your Name
Enter your Email
Enter your Contact No
Enter Your Message
Enter the code
 
   
@Copyright 2013 My Infoline -Whole World At Your Fingertips
(This site in under beta version, please feel free to send your suggestion to improve this portal , and also write a email to us if you find any bugs.)