This report identifies hosts that have an accessible MQTT (Message Queuing Telemetry Transport) service enabled on port 1883/TCP. In particular it identifies MQTT instances that enable anonymous access, which can be abused to leak data. Additionally, the MQTT service on this port is unencrypted, so even password protected instances can lead to data leakage.
MQTT is a lightweight publish/subscribe protocol designed for the Internet of Things (IoT). You can read more on MQTT at http://mqtt.org/.
For more details behind the scan methodology and a daily update of global MQTT scan statistics please visit our dedicated Open MQTT scan page.
We first announced the scan in a blog post titled Open MQTT Report – Expanding the Hunt for Vulnerable IoT Devices.
For more information on our scanning efforts, check out our Internet scanning summary page.
This report was enabled as part of the European Union INEA CEF VARIoT project.