In this post there is no malicious software/malware analyzed, but this is one of the impact of the malware infected IoT devices caused by weak credentials are described indirectly.

http://blog.malwaremustdie.org/2017/02/mmd-0062-2017-ssh-direct-tcp-forward-attack.html