Hackers Are Constantly Attacking Your Favorite IoT Devices With Login Attempts - A Comprehensive Research Proves!

What if I tell you that the IoT devices placed around your home remain exposed to 13 login attempts every minute by the hackers? Sounds intimidating, right? This is how efficient these crooks have become and now is the time that you should have a thorough understanding of how they are constantly trying to dominate you.

Matt Boddy, a network engineer from the UK-based security company - Sophos, conducted a research based on installing and monitoring 10 cloud honeypots across 5 different continents. Over a time period of three months, he observed all the SSH login attempts, just to better understand how cyber criminals come knocking at your network’s door.

Revealing a package of some interesting statistics obtained through these honeypots, Matt stated that hackers were too quick to start off with their login attempts (obviously, with the help of bots). On one occasion, someone attempted to log into the device within a minute after deployment, while on average it took only two hours for the majority. However, once exposed, all of such devices kept on receiving continuous login attempts. In the end, there were more than 5 million attempted attacks on all the honeypots.

Knock and don’t run: The tale of the relentless hackerbots

Usernames & Passwords

The hackers were smart enough to use default usernames and passwords of IoT devices that an average person normally owns e.g combination of the username “pi” with “raspberry” was one of the most obvious ones in the list.

Please don't user default passwords on your IoT devices and changed them ASAP

• Related: How The Internet Of Things Could Be Putting Your Home At Risk

Why Is Your Device Online?

Of course, you must be thinking that you are safe while reading this as according to you, the IoT devices that you own, protect you from the outside world with the help of Network Address Translation (NAT). But unfortunately, that is not the case anymore.

To counter this assumption, a hacker with the name of TheHackerGiraffe pushed 65,000 of Chromecasts to play an unwanted video, hence proving that NAT provides a false sense of security.

This led the research to another important concern about the ‘always online’ status of devices and while explaining the answer in detail, Universal Plug and Play turned out to be the actual risk.


UPnP allows systems at your home to network automatically with modern routers or gateways, but they also put forward your device identity through the NAT, majorly because of how UPnP gets implemented by vendors.

Repetition in Patterns by Hackers

It is often mentioned that random passwords are less likely to be tracked. The password attempts on these honeypots, followed a very common pattern.

1qaz2wsx and 1q2w3e4r were seen frequently in all login attempts, 756,613 and 631,071 times, respectively. Although these passwords aren’t bad but if you look at your keyboard, you’ll see a correlation between the numbers and words.

In the end, what should you do?

  1. Immediately change your passwords from the default ones.
  2. Try to set a more complex and unique password for every service.
  3. Keep track of all passwords set with a manager and use a master key for them then.
  4. Turn off UPnP on your home router.
Read next: Vulnerabilities of WPA3 Giving Hackers an Easy Way to Steal Passwords
Previous Post Next Post