See this other post https://news.ycombinator.com/item?id=12595936 about a botnet of 150k cameras and DVRs which is DoSing OVH at 1 TB/s. Chances are that they run on Linux. The exploit could be as simple as telnetting to them with a default password, but more sophisticated attacks could exploit old kernels left unpatched forever. Actually, some devices might be impossible to patch, as much as you can't make that Chevy from '59 any safer. You have to buy a new one.
