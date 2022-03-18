Among the results of this observation, it was found that 70% of web traffic was made up of bots and, in order to gain access to systems and devices, default credentials are the most common passwords used by criminals to try to gain access.

In Bulletproof they installed a series of traps honeypots in the cloud to analyze to analyze the behavior of threat actors and how hackers acted during 37 days.

Users who have raspberry pi o Linux should immediately change default passwords, judging by the results of a report from cybersecurity vendor Bulletproof.

These same security researchers indicate that there are over 200,000 computers on the Internet running the Raspberry Pi system. Among the top failed login attempts with default credentials targeting honeypots, the Linux username and password “nproc” ranked second, and the combination of “pi” and “raspberry” came in eighth.

Keep in mind that the operating system Raspberry Pi uses a default password. “Raspberry Pi OS ships with default credentials (user: pi and password: raspberry) very easy for hackers. What this tells us is that even default passwords are not changed,” the report states.

Any user who is aware of this could achieve access our Raspberry Pi with advanced permissions.

“A target for a cyberattack could be as simple as an office screen running the Raspberry Pi operating system. Hackers will generally focus their attention on easy targets first, and Raspberry Pi devices are cheap, easy to set up, have benefits out of the box, and will most likely connect via VPN or WiFi. If misconfigured, they increase the attack surface, risking hackers taking full operational control and exposing sensitive areas of the business.”

Change default passwords

Although this study has focused on Raspberry Pi and Linux, there are many other devices that we use on a daily basis and that we let work with the default passwordssuch as the router.

When it came to brute force attacks, among the most common passwords used by attackers they were “1”, “admin”, “admin123” and “PASswoRD”, according to the Bulletproof report.

A good password for any device, in addition to being personalized and not using the one that comes by default, it is important that it be long and have letters (both uppercase and lowercase), numbers and other special symbols.

All this always randomly and the password should never be repeated elsewhere, so as not to end up causing a domino effect if cybercriminals or hackers discover one of them.