This article was tremendously fascinating to me and I had to share it. A hacker is going around hacking the IoT botnets of other hackers. And he did this by using honey pots coupled with simple port scanning and brute-force attacks of obtained C2 IP addresses
The fascinating thing for me is he goes on to say that he believes a large percentage of botnet operators are simply following tutorials and forget to change default credentials, or if they do change them, they're changed to passwords which are generally weak
The ability to operate a large-scale botnet is trivial to the point of simply following along with tutorials and are setup by people with a level of technical fluency that they forget to update default passwords and use weak passwords. This is the landscape!