Hackers Say Knocking Thousands of Brits Offline Was an Accident…

LORENZO FRANCESCHI-BICCHIERAI

A new zombie army of hacked Internet of Things devices forced thousands of Brits offline, as hackers tried to expand the reach of their botnet.

The UK internet providers TalkTalk and Post Office confirmed that some of their customers experienced outages due to a cyberattack. One of the hackers who controls the new botnet created with a modified version of the infamous Mirai malware1 said they were responsible for the issues.

https://motherboard.vice.com/read/two-hackers-new-mirai-internet-of-things-botnet-deutsche-telekom 

“Sorry for UK Post Office,” a hacker who goes by the name BestBuy told Motherboard in an online chat, explaining that they didn’t target them “intentionally.”

“But they should give their customers better hardware :\,” the hacker said.

https://motherboard.vice.com/read/the-looming-disaster-of-the-internet-of-hackable-things

BestBuy explained that “too many requests freeze the shitty routers,” and that they were just trying to enlist more devices into their botnet. The hacker said that they now call the modified malware Annie instead of Mirai, and that they have collected as many as 4.8 million bots. (Motherboard could not verify this figure, but it’s way higher than any other number reported before, so worth taking with a grain of salt.)

TalkTalk confirmed that “a small number” of customer’s routers were affected by Mirai. A Post Office spokesperson said a “third party” disrupted some customers on Nov. 27, impacting “certain types of routers.”

”They should give their customers better hardware :\ […] Too many requests freeze the shitty routers.”

These new disruptions come weeks after unknown attackers used a Mirai-powered botnet to target the services https://motherboard.vice.com/read/twitter-reddit-spotify-were-collateral-damage-in-major-internet-attack of major websites such as Twitter, Spotify and Reddit. Mirai has been used to launch distributed denial of service attacks against several victims, including the site of well-known security journalist Brian Krebs https://motherboard.vice.com/read/journalist-hit-by-record-ddos-attack-im-kind-of-like-plutonium-right-now, and the internet infrastructure company Dyn https://motherboard.vice.com/read/twitter-reddit-spotify-were-collateral-damage-in-major-internet-attack, which resulted in the outages at the aforementioned major websites and many others.

BestBuy, along with another cybercriminal known as Popopret, is renting out access to their botnet, offering customers the ability to launch disruptive cyberattacks. If it’s true that they have a massive botnet as they claim to be, we can expect more attacks and more collateral damage in the coming weeks.

“Done pushing update,” BestBuy told me, referring to a new version of Mirai or Annie. “Hope to god nothing goes batshit.”

 

Advertisements

About chainsoff

Middle East MEDIA SCOPE, LTD Middle East MEDIA POST, LLC MEMBER@ ADVISORY BOARD, DEFENCE UNLIMITED.COM (CANADA) ASSOCIATE@TheIntelligenceCommunity
This entry was posted in CYBBER SECURITY, MI5, MI6, Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s