Researchers are in a full-out sprint to notify the owners of a substantial list of connected devices and associated telnet credentials that has been available on Pastebin since June but gone viral since Thursday when it was posted on Twitter.
The list has more than 20,000 views as of Saturday morning, up substantially from fewer than 1,000 on Thursday.
The credentials, many of which are default and known (i.e., admin:admin, root:root, or no authentication required) afford anyone access to a multitude of routers and other devices. Similar devices been co-opted in the last nine months to carry out DDoS attacks against a number of high-value targets.
