You Are Here: Home » Industry News » Hacker Creates Worldwide Map of Vulnerable Devices

Hacker Creates Worldwide Map of Vulnerable Devices

A hacker created a worldwide map of more than 100,000 vulnerable devices after “playing around” with a scripting tool. The “Carna” botnet was named after the Roman goddess that protected inner organs because it was “a good choice for a bot that runs mostly on embedded routers.” Carna ran from June to October last year and was allegedly never detected.

Many of the open machines were based on Linux and allowed login with empty or default credentials. Though the project itself is illegal, the anonymous researcher claims the information may be useful for further study.

Hacker Creates Worldwide Map of Vulnerable Devices

The Carna database is available for download and has 9 terabytes. Source: http://internetcensus2012.bitbucket.org/paper.html

“Two years ago while spending some time with the Nmap Scripting Engine (NSE) someone mentioned that we should try the classic telnet login root:root on random IP addresses,” the hacker said. “This was meant as a joke, but was given a try. We started scanning and quickly realized that there should be several thousand unprotected devices on the Internet.”

Though he first talks about collective research, the hacker later admits he was only referring to himself to give depth to the analysis.

“In reality, we is me. I chose we as a form for this documentation because its [sic] nicer to read, and mentioning myself a thousand times just sounded egotistical,” the hacker said. He also claimed he didn’t interfere with the scanned systems, and didn’t change any passwords.

“It’s a bit like he walked down the street, writing down each address then trying the doorknob. If it was open, he went in and convinced whoever lived there to join him in his data-collection quest — and soon his army of helpers had mapped the whole world,” NBC News explained.

About The Author

Security Specialist

Bianca Stanescu, the fiercest warrior princess in the Bitdefender news palace, is a down-to-earth journalist, who’s always on to a cybertrendy story. She’s the industry news guru, who’ll always keep a close eye on the AV movers and shakers and report their deeds from a fresh new perspective. Proud mother of one, she covers parental control topics, with a view to valiantly cutting a safe path for children through the Internet thicket. She likes to let words and facts speak for themselves.

Number of Entries : 297

Comments (3)

  • Pinoy Android

    I can’t imagine if his intention was ain’t good!

    Reply
  • Kobayashi Mari

    Either your title was intentionally misleading and was supposed to be sensationalist in an effort to attract readers, or someone completely missed the point of the article somewhere along the lines.
    The researcher did not create a map of 100K vulnerable devices. S/he used 100K vulnerable devices to create a world map of every IP on the internet that would answer to a ping/port scan. It was all about being able to say you have a snapshot in time of what the Internet looks like.

    Reply

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top