Mirai botnet attacks Deutsche Telekom routers2016-11-30 03:28 by Daniela
Tags: Mirai, router, Deutsche Telekom
900,000 customers of Deutsche Telekom suffered internet outages on Sunday and Monday, due to a widespread Internet of Things attack from the so-called Mirai botnet.
The outages affected three models Speedport routers which the provider uses, but not the network itself, the company said.
"The attack attempted to infect routers with a malware but failed which caused crashes or restrictions for four to five percent of all routers. This led to a restricted use of Deutsche Telekom services for affected customers. We implemented a series of filter measures to our network," Deutsche Telekom said in a statement.
"According to our knowledge, an attack on maintenance interfaces is currently taking place worldwide. This was also confirmed by the Federal Office for Information Security. Following the latest findings, routers of Deutsche Telekom customers were affected by an attack from outside. Our network was not affected at any time," the company added.
"After the reboot, the router should function normally. The routers are back to their original state after the reboot, meaning there was no permanent infection with malware."
Mirai attempted to infect broadband routers via TCP port 7547 on the routers. That port is used for the TR-064 protocol that internet providers connect to over their networks to configure customer DSL routers remotely.
Last month, the Mirai botnet caused problems in the US, as millions of internet users lost access to multiple websites after an attack on Dyn.
Read more -here-