The article doesn’t talk about a trojan horse with these devices it talks about spamm emails sent from the devices, ergo the premise WiFi was unsecured. If the WiFi was secured the hackers’ entry point from the internet would not have been able to get into the premise WiFi network to obtain and use the network ID of these devices to send their spamm emails out the premise WiFi/router’s internet connection. If some of those network IDs are ‘toaster[unique ID]@usersISP.com’ so what. It still gives the spammer an email address to use and that’s all they care about.
And even if the appliance had trojan hardware (like the irons in Russia) it still requires an unsecured, DHCP-enabled WiFi LAN to get out to the internet and contact the hacker to enable the exploitation of the LAN and its devices.
The attack goes something like this:
Get users’ IP address off message boards, ISPs, etc. Scan the subnets looking for an unsecured or default password premise modem/routers supplied by the ISP (which they know the default passwords for). Access the unsecured router to get a list of LAN IDs. Use those IDs to send traffic to the premise router to send out their spamm emails. That way the emails orginate from non-blocked domains and known spammers.
There is more to it but there are plenty of ways to avoid your appliances getting cease-and-dissist email from your ISP. Setting a password on the ISP router/modem, disabling ISP email and blocking the router’s port 25 are a few simple ways.
It’s just spammers looking to get around their notariety to ISPs and security programs. They need an innocent ISP account (and router) to send their spamm.
Could you explain disabling ISP email and blocking the router's port 25, for us dummies? (including mac dummies, if possible.)