Hacker maps web because YOU have a default router password

Pretty pictures, interesting information, how could something like this be illegal?

by The Green Goblin on 23 March 2013 13:43

In brief, Mr 'Carna' is a hacker who managed to find out how many people around the world have default settings on their router by hacking and mapping his way around the world wide web.

This isn't your WiFi password by the way. It's the password you use to access your router through your browser to change settings or open ports. He came up with the below graphic, that shows just how many people's routers can be used to create a 'botnet' or group of 'zombie computers' under someone else's control.


When the scanning bot found a router or other device with an open door and favorable conditions, it would upload a copy of itself, and from there, conduct further scans on other devices, thus growing exponentially larger. After just one day, the Mr. Carna writes that he had some 100,000 devices under his control -- the nucleus of his "Carna Botnet," named after the Roman goddess of internal organs and health, who was later associated with doorsteps and hinges.

This 'internet census' can tell us roughly how many IP addresses were there in 2012. 

"That depends on how you count," the hacker writes. Some 450 million were "in use and reachable" during his scans. Then there were the firewalled IPs and those with reverse DNS records (which means there are domain names associated with them). In total, this equalled some 1.3 billion IP addresses in use.

Carna has since published a paper on the matter, explaining what he did and what his findings were.

Now go change your router settings. 

blog comments powered by Disqus