U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

UK police arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom

The prosecutor’s office in Cologne and the Federal Criminal Police Office have arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom The agents at the UK National Crime Agency (NCA) have a man that is suspected to be involved with the massive attack on Deutsche Telekom that affected more than 900k routers in […]

bestbuy

The prosecutor’s office in Cologne and the Federal Criminal Police Office have arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom

The agents at the UK National Crime Agency (NCA) have a man that is suspected to be involved with the massive attack on Deutsche Telekom that affected more than 900k routers in November 2016.

The affected routers were used by the Deutsche Telekom customers also for fixed telephony and TV services.

The problems lasted at least two days, the outage began on Sunday, November 27, at around 17:00, local time.

Deutsche Telekom users all over the country were not able to connect online using the users provided by the company. Below a graphic representation of the outage provided by the Allestoerungen.de.

 

mirai attack deutsche telekom

The news of the arrest was confirmed by the Germany’s federal criminal police force (BKA).

German police from the city of Cologne identified the suspect and issued the international arrest warrant.

The suspect is a 29-year-old British, the authorities have arrested him at the Luton airport in London on Wednesday. The British police believe the man is the crooks that organized the massive attack.

The German police confirmed that the attack was severe and caused serious problems to German citizens. The attackers aimed to recruit the compromised devices in a botnet that was offered for sale on dark web markets.

“The aim of the attack wave should have been to take over the routers and integrate into a bot network operated by the accused. The bot network is supposed to have offered the accused in the Darknet for consideration for arbitrary attack scenarios, such as so-called DDoS attacks.” reads the statement issued by the BKA.

“From the outset, Deutsche Telekom cooperated with law enforcement agencies,” BKA said. “Technical assistance was also provided by the Federal Office for Information Security (BSI) in the analysis of the malicious software used.”

The prosecutors believe the hacker used a modified version of the dreaded Mirai malware to carry on the attack.

The Mirai malware was first spotted by the researcher MalwareMustDie last summer, a botnet of IoT devices compromised by the malicious code was used to shut down the Dyn DNS service.

The BKA confirmed that the UK authorities would extradite the 29-year-old man to Germany to face charges of computer sabotage, the man could be condemned to up to 10 years in prison.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Deutsche Telekom, Mirai)