The list of requirements is pretty short:
- Must be capable of performing the calculations required; even lowly microcontrollers may be sufficient
- Must be capable of being programmed to perform these calculations; if you can't change the firmware/software, you're stuck
- Must be connected to the internet; otherwise you'd have to manually set it up with work, and manually submit solved work
- Must be hackable across the internet via a vulnerability; only in the case of remote hacking, though that's generally the vector to go for.. being able to hack a machine in person is great, but that's a lot of work for very little trade-off.
If your toaster, fridge, coffee machine, whatever was made by some company that jumped on the IoT bandwagon, there's a good chance they could do it.
Whether that's worth the bother depends on how many machines you manage to actually target. Processing power in these is pretty limited, but if you can get 10,000,000 of them, at very low cost to you, then it may be lucrative all the same.
Remember that some NAS (basically just a 'dumb' hard disk on your network) systems were hacked to perform cryptocoin (in this case, Dogecoin) mining;
http://www.pcworld.com/article/2364...ghprofit-cryptocurrency-mining-operation.html