Most disconcerting is the fact that the smart appliances and such weren't infected with a Trojan Horse or other remote-control software. Instead, security is so lax on those devices that the hackers were able to utilize the existing software running on the devices. Proofpoint believes that many of these gadgets "have open telnet, open SSH and an SMTP (aka "email") servers," which means that, rather than an exploit or viral infection, the hack was accomplished by cracking the default user and password login, then setting up "the existing emailer to send or relay malicious email." In this case, owners of infected devices probably saw no degradation in the functioning of their devices, as firing off a bunch of emails isn't so resource-intensive. Proofpoint pointed out, however, that should such devices be used in a DDoS attack, sluggish performance from your connected gadgets could very well result.

The worst part? All of the devices are still infected, and will remain so until they are taken offline or receive a security update from their manufacturers. Hear that OEMs? Time to step your security game up, for the future of the Internet of Things is at stake -- Craig and Day-Day can probably help you with that.