Researcher Uses Malware to Conduct Global Internet Census

It was almost certainly illegal, but an anonymous researcher has mapped every router in the Internet.

Internet, Ipv4, ipv6, ip addresses, malware,

While an Internet researcher was messing around to see how many routers he could access using the most predictable passwords, he realized the answer was a lot. The number was so big that he realized that if he didn’t just locate the unprotected routers, but botted them and used them to scan for still more routers, he could ping nearly every IPv4 (Internet protocol version 4) address in the world within an hour.

So he did. It was almost certainly illegal, but he has mapped every router in the Internet. The researcher has published his findings anonymously, including the original data. (Statistically, the researcher is more likely to be male, so I’ve used the male pronoun.) The results can’t be confirmed but appear legitimate.

The Internet hasn’t been mapped in this way since its early days as a much smaller network. And as users move to IPv6, it will become harder to scan Internet ports, meaning that this researcher’s dubious feat may never be replicated.

The researcher found that of the 3.6 billion possible IPv4 address in the world, 1.3 billion were likely in use.

“We hope other researchers will find the data we have collected useful and that this publication will help raise some awareness that, while everybody is talking about high class exploits and cyberwar, four simple stupid default telnet passwords can give you access to hundreds of thousands of consumer as well as tens of thousands of industrial devices all over the world,” the anonymous researcher wrote.

The map of IP addresses shows that the United States, Europe and Japan are more densely connected than anywhere else. Use of the Internet drops off at night. And Apache and Allegro RomPager are the most commonly used Web servers.

The virus that infected routers was designed to run in the background. The researcher subsequently removed the virus and left the routers as they were, even if they had no password.

Internet, Ipv4, ipv6, ip addresses, malware,