Nearly a million customers of German telecoms giant Deutsche Telekom were knocked offline for part of Sunday and Monday in what appears to have been a failed effort by hackers to hijack their routers for a broader botnet attack.
The incident comes a little more than a month after a similar assault on connected devices worldwide that led to a massive denial-of-service attack that took down a number of high-profile web services for users mainly in the U.S. and Europe.
Deutsche Telekom said on Monday that its initial investigation has shown that “routers of Deutsche Telekom costumers were affected by an attack from outside.”
The company said “the attack attempted to infect routers with a malware but failed, which caused crashes or restrictions for four to five percent of all routers,” affecting about 900,000 of its customers.
It added that the “vast majority” of its customers are now able to “use our services without restrictions and our network is fully operational.”
Deutsche Telekom said it’d released a software update for affected customers and also recommended they momentarily disconnect their router from its power supply to reset it, which should help it function normally again.
Thomas Tschersich, Deutsche Telekom’s head of IT Security, told German media the outage looks like a failed effort to hijack customer routers for the Mirai botnet.
The botnet scans the internet looking for connected devices that are protected by easy-to-crack factory default usernames and passwords. Once the botnet is large enough, the hijacked units are used together to send vast amounts of traffic to targeted servers until they buckle under the pressure and become temporarily unusable. In most cases the device owner is unaware that it’s being used for such nefarious activities.
For example, it was found that web-enabled home security cameras and DVRs played a significant part in a major denial-of-service attack last month that took down popular services such as Twitter, Spotify, Netflix, CNN, and Airbnb, among others.
It’s not known who was behind the October incident, or the one on the weekend, but these troubling episodes show that manufacturers of connected devices will need to work with greater urgency to build in effective security software to have any hope of properly tackling the issue, while customers too can take a number of steps to protect their gadgets.