A botnet responsible for a massive DDOS (distributed denial-of-service) attack was created thanks to weak default usernames and passwords found in internet-connected cameras and DVRs.
The Mirai botnet grabbed headlines last month for taking down the website of cybersecurity reporter Brian Krebs with a huge DDOS attack. Unlike most botnets, which rely on infected PCs, this one used IoT devices to target its victims.
It turns out the botnet was specifically designed to scan the internet for poorly secured products like cameras and then access them through easily guessable passwords like “admin” or “12345.”