Pwning 10^7 devices in 10^1 minutes across 10^2 endpoints
Vangelis will cover in 10 one-minute slides how anyone could control 10^7 (that’s 10 million) devices by exploiting a series of simple yet critical API flaws that were typical “rush to market” flaws that can allow an attacker to control and even use them as an initial foothold in millions of networks. Devices controlled vary from routers to alarms and car chargers. It seems that the era of “central platform” handling that helped with a variety of problems (like port forwarding) backfired by reintroducing a number of vulnerabilities that were thought to be long gone.
