\u003c/div>\n\u003ch2>The smart home device Achilles heel: Using default passwords\u003c/h2>\n\u003cp>The prevalence of Internet of Things devices that ship with default passwords is nothing new. Research by \u003ca href=\"http://blog.ptsecurity.com/2017/06/practical-ways-to-misuse-router.html\">Positive Technologies\u003c/a> from 2017 showed that default passwords to 15 out of 100 IoT devices had never been changed. While not the majority, that’s certainly a large chunk of the \u003ca href=\"https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/\">26 billion\u003c/a> smart things devices out in the wild. The hacker is presumed to be inspired by the botnet \u003ca href=\"https://arstechnica.com/information-technology/2017/04/brickerbot-the-permanent-denial-of-service-botnet-is-back-with-a-vengeance/\">BrickerBot\u003c/a>, which plagued smart devices back in 2017. Both Silex and BrickerBot before it rely on default login credentials to gain control.\u003c/p>\n\u003cp>The danger associated with most of the devices around us having guessable passwords is obvious. So much so that, \u003ca href=\"https://techcrunch.com/2018/10/05/california-passes-law-that-bans-default-passwords-in-connected-devices/\">in 2018\u003c/a>, California banned hardware from shipping with guessable logins like “password” and “123456.” The law also required that device makers force users to change a device’s built-in password upon setup.\u003c/p>\n\u003ch2>How to prevent Silex from ruining your devices\u003c/h2>\n\u003cp>The Silex malware relies on guessing your device’s user name and password. Since this malware is so new, it may be a while before your smart device issues a fix for the hack. So what can you do in the meantime?\u003c/p>\n\u003cp>“If users buy a device with standard, hard coded credentials, the best thing they can do is change the username and password for the device as quickly as possible,” says Tendermint’s director of security Jesse Irwin, a former staffer at the popular password management app 1Password.\u003c/p>\n\u003cp>The good news is that changing your device’s default admin password may help prevent an attack against the Silex malware. The bad news: all devices are not created equal. Changing the admin password on \u003ca href=\"https://superuser.com/questions/1290848/how-do-you-change-the-password-of-an-iot-device-like-a-dvr\">a DVR\u003c/a> may be more difficult than changing it on \u003ca href=\"https://www.lifewire.com/how-to-change-your-wireless-routers-admin-password-2487652\">a router\u003c/a>, for example.\u003c/p>\n\u003cp>Irwin notes that when trying to figure out the default username and password on an Internet-connected device, there are a few places people should look. Manufacturers often print usernames and passwords stickers to put on devices, or they include the information in user guide or setup instructions.\u003c/p>\n\u003cp>“If a device’s credentials cannot be changed, there are deeper technical measures that can be taken,” says Irwin. “But if you are not able to take care of those things on your own, return it.” The great thing about the booming market for connected devices, is that there are almost always other, safer options for available, she adds.\u003c/p>\n\u003ch3>\u003cspan style=\"font-weight:400;\">More must-read stories from \u003c/span>\u003ci>\u003cspan style=\"font-weight:400;\">Fortune\u003c/span>\u003c/i>\u003cspan style=\"font-weight:400;\">:\u003c/span>\u003c/h3>\n\u003cp>\u003cspan style=\"font-weight:400;\">—The fall and rise of VR: The struggle to \u003c/span>\u003ca href=\"http://fortune.com/longform/virtual-reality-struggle-hope-vr/\">\u003cspan style=\"font-weight:400;\">make virtual reality get real\u003c/span>\u003c/a>\u003c/p>\n\u003cp>\u003cspan style=\"font-weight:400;\">—“It’s just lazy”: Current’s CEO on Facebook \u003c/span>\u003ca href=\"http://fortune.com/2019/06/20/facebook-logo-calibra-current/\">\u003cspan style=\"font-weight:400;\">Calibra’s similar logo\u003c/span>\u003c/a>\u003c/p>\n\u003cp>\u003cspan style=\"font-weight:400;\">—Slack went public \u003c/span>\u003ca href=\"http://fortune.com/2019/06/20/slack-stock-ipo-dpo-direct-listing/\">\u003cspan style=\"font-weight:400;\">without an IPO\u003c/span>\u003c/a>\u003cspan style=\"font-weight:400;\">. Here’s how a direct offering works\u003c/span>\u003c/p>\n\u003cp>\u003cspan style=\"font-weight:400;\">—Welcome to the next generation of\u003c/span> \u003ca href=\"http://fortune.com/2019/06/19/corporate-phishing-scams/\">\u003cspan style=\"font-weight:400;\">corporate phishing scams\u003c/span>\u003c/a>\u003c/p>\n\u003cp>\u003cspan style=\"font-weight:400;\">—Listen to our new audio briefing, \u003c/span>\u003ca href=\"http://fortune.com/radio/\">\u003ci>\u003cspan style=\"font-weight:400;\">Fortune\u003c/span>\u003c/i>\u003cspan style=\"font-weight:400;\"> 500 Daily\u003c/span>\u003c/a>\u003c/p>\n\u003cp>\u003cspan style=\"font-weight:400;\">Catch up with\u003c/span> \u003ca href=\"https://cloud.newsletters.fortune.com/fortune/nloptin?nl=DATA_SHEET&source=LinkStack\">\u003ci>\u003cspan style=\"font-weight:400;\">Data Sheet\u003c/span>\u003c/i>\u003c/a>\u003cspan style=\"font-weight:400;\">, \u003c/span>\u003ci>\u003cspan style=\"font-weight:400;\">Fortune\u003c/span>\u003c/i>\u003cspan style=\"font-weight:400;\">‘s daily digest on the business of tech.\u003c/span>\u003c/p>\n"},"children":[]}]}]},{"name":"dianomi","config":{"type":"footer"},"children":[]},{"name":"recirculation","config":{"heading":"You May Like"},"children":[{"name":"content-list-item","config":{"title":"How Criminals Can Mine Cryptocurrency With Your Poorly-Secured Smart Devices","permalink":"https://fortune.com/2018/03/01/mine-cryptocurrency-hack-iot-smart-devices-avast/","hasVideo":true,"themeName":"recirculation","isNativoTout":true,"eyebrowLabel":"The Ledger","eyebrowLink":"https://fortune.com/section/ledger/","id":2304277,"excerpt":"Connected devices often have terrible security.","publishDateIso8601":"2018-03-01T05:18:26-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":2304312,"alt":"Customer write 'buy milk' on a smart refrigerator in a U.K. department store","caption":"Buyer beware.","crops":[],"height":2667,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2018/03/gettyimages-519987052.jpg?quality=60&resize=60,33","postId":2304277,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2018/03/gettyimages-519987052.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2018/03/gettyimages-519987052.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2018/03/gettyimages-519987052.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2018/03/gettyimages-519987052.jpg","useBasicImg":false,"usingDataFallback":false,"width":4000,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]},{"name":"content-list-item","config":{"title":"FBI Says You Should Reboot Your Home Office Router to Stop Russian Malware","permalink":"https://fortune.com/2018/05/26/fbi-warning-russian-malware-routers/","hasVideo":true,"themeName":"recirculation","isNativoTout":false,"eyebrowLabel":"Tech","eyebrowLink":"https://fortune.com/section/tech/","id":2383906,"excerpt":"The agency has seized a key piece of the scheme’s infrastructure.","publishDateIso8601":"2018-05-26T15:51:31-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":1347334,"alt":"537890891","caption":"","crops":[],"height":1576,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2015/10/gettyimages-537890891.jpg?quality=60&resize=60,33","postId":2383906,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2015/10/gettyimages-537890891.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2015/10/gettyimages-537890891.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2015/10/gettyimages-537890891.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2015/10/gettyimages-537890891.jpg","useBasicImg":false,"usingDataFallback":false,"width":2206,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]},{"name":"content-list-item","config":{"title":"This Nasty New Malware Can Infect Your Apple iPhone or iPad","permalink":"https://fortune.com/2016/03/16/malware-infect-apple-iphone-ipad/","hasVideo":true,"themeName":"recirculation","isNativoTout":false,"eyebrowLabel":"Tech","eyebrowLink":"https://fortune.com/section/tech/","id":1590135,"excerpt":"The good news is that it's limited to China.","publishDateIso8601":"2016-03-16T16:34:12-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":1588013,"alt":"","caption":"","crops":[],"height":2017,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2016/03/apple-news.jpg?quality=60&resize=60,33","postId":1590135,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2016/03/apple-news.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2016/03/apple-news.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2016/03/apple-news.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2016/03/apple-news.jpg","useBasicImg":false,"usingDataFallback":false,"width":3000,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]},{"name":"content-list-item","config":{"title":"How to Check If You’re Exposed to Those Scary BlueBorne Bluetooth Flaws","permalink":"https://fortune.com/2017/09/13/armis-blueborne-bluetooth-ios-android-windows-linux/","hasVideo":true,"themeName":"recirculation","isNativoTout":false,"eyebrowLabel":"Tech","eyebrowLink":"https://fortune.com/section/tech/","id":2151226,"excerpt":"They allow a virus to leap from device to device, regardless of the operating system.","publishDateIso8601":"2017-09-13T07:16:11-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":1748982,"alt":"Virtual padlock symbol with computer network","caption":"","crops":[],"height":3333,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2016/07/185730400.jpg?quality=60&resize=60,33","postId":2151226,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2016/07/185730400.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2016/07/185730400.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2016/07/185730400.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2016/07/185730400.jpg","useBasicImg":false,"usingDataFallback":false,"width":5000,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]},{"name":"content-list-item","config":{"title":"How to Keep Your Home Devices Out of the Botnet Army","permalink":"https://fortune.com/2017/04/07/cybersecurity-tips-hackers-botnets/","hasVideo":true,"themeName":"recirculation","isNativoTout":false,"eyebrowLabel":"Tech","eyebrowLink":"https://fortune.com/section/tech/","id":1984478,"excerpt":"Don't be a slave.","publishDateIso8601":"2017-04-07T10:14:07-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":1773237,"alt":"JAPAN-POLITICS-DEFENCE","caption":"Japanese soldiers. ","crops":[],"height":2848,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2016/08/185990570.jpg?quality=60&resize=60,33","postId":1984478,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2016/08/185990570.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2016/08/185990570.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2016/08/185990570.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2016/08/185990570.jpg","useBasicImg":false,"usingDataFallback":false,"width":4584,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]},{"name":"content-list-item","config":{"title":"Experts Say Internet ‘Mega’ Attacks Are on the Rise","permalink":"https://fortune.com/2016/11/15/akamai-ddos-report/","hasVideo":true,"themeName":"recirculation","isNativoTout":false,"eyebrowLabel":"The 21st Century Corporation","eyebrowLink":"https://fortune.com/section/the-21st-century-corporation/","id":1858543,"excerpt":"It could be a long 2017.","publishDateIso8601":"2016-11-15T06:30:22-05:00","type":"post"},"children":[{"name":"image","config":{"aspectRatio":0.5515695067264574,"attachmentId":1799415,"alt":"Systems in a De-Cix Internet exchange point","caption":"","crops":[],"height":1667,"imageSize":"recirculation","lazyload":true,"lqipSrc":"https://content.fortune.com/wp-content/uploads/2016/09/de-cix_interconnection_plattform_edge1.jpg?quality=60&resize=60,33","postId":1858543,"retina":true,"showCaption":false,"sources":[{"default":true,"transforms":{"resize":[223,123]},"descriptor":223}],"sourceTags":[],"src":"https://content.fortune.com/wp-content/uploads/2016/09/de-cix_interconnection_plattform_edge1.jpg","srcset":"https://content.fortune.com/wp-content/uploads/2016/09/de-cix_interconnection_plattform_edge1.jpg?resize=446,246 446w,https://content.fortune.com/wp-content/uploads/2016/09/de-cix_interconnection_plattform_edge1.jpg?resize=223,123 223w","url":"https://content.fortune.com/wp-content/uploads/2016/09/de-cix_interconnection_plattform_edge1.jpg","useBasicImg":false,"usingDataFallback":false,"width":2500,"fallbackImageUrl":"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7","picture":false,"sizes":"223px"},"children":[]}]}]}]}]}]}},"componentData":{},"error":null,"loading":false,"player":{"currentTime":0,"duration":0,"loading":false,"playing":false,"seek":0,"src":"","visible":false,"volume":0.5},"route":{"status":200,"redirectTo":"","redirectStatus":0,"action":"PUSH","pathname":"/2019/06/26/silex-malware-hack-iot-internet-of-things-smart-device-fix-how-to-prevent/","search":"?","hash":""},"visible":{"search":false,"primaryNav":false,"freestar":false,"adminBar":false},"contactForm":{"submitting":false,"submitted":false,"failed":false,"validation":{},"redirect":""}};

Skip to Content