Botnets are continuing to target default username/password combinations seen in the Mirai source code. Arbor Networks found at least 1,005 new ones targeted by botnets in September. Botnets use the shotgun approach to propagation – pick a target at random and keep trying until the list is exhausted. The biggest source of the IoT-targeting botnet attacks it saw in September was Russia, followed by China, Brazil, the U.S. and South Korea. Some compromised devices appear to be more prominent or popular in certain countries.”]
Source: https://www.cuinfosecurity.com/botnets-keep-brute-forcing-internet-things-devices-a-11637