Vending machine botnet took university hostage
The campus internet connection was taken hostage thanks to an IoT-based malware that hit the most irrelevant connected system, a vending machine.
A university in the US was recently hacked and its internet connection was taken hostage — thanks to an IoT-based malware that hit the most irrelevant connected system, a vending machine. The news came to light in a Verizon report that highlighted the breach.
The hack information was served by Verizon in a sneak preview document of 2017 Data Breach Digest report where the US university was unnamed. An unknown IT staffer told Verizon that the school’s internet connection was reportedly crawling and upon investigation, the staff found that the DNS servers in the school were buckling under heavy traffic load. On further investigation, the traffic revealed a botnet continuously requesting seafood-related sub-domains.
After a thorough scrutiny, the IT team found out that almost all of the 5,000-odd IoT devices at the university were infected by a botnet malware. The devices included some vending machines on the campus, which was used for the attack and were controlled remotely by guessing the default username and passwords.
The staff later managed to intercept the network packets that contained plaintext passwords for the botnet and then wrote a script for scrubbing all the malware from the IoT devices.
They learned the lesson the hard way — IoT companies, and all tech product manufacturers always recommend to use the strongest username and password combination and change the default passwords when using it initially. It is also recommended that the IoT devices should be disconnected or isolated from other networks and devices wherever not needed.