German Telecom Service Deutsche Telekom confirmed that the connectivity problems that 900.000 had from its customers on Sunday were the result of a hack attempt.
"After the latest findings, it seems that some of them routers Deutsche Telekom customers were affected by an external attack. Our network was not affected in any way. The attack attempted to infect routers with malware, and although it failed it caused problems and limitations on 4 to 5 percent of our customers' routers. This led to limited use of Deutsche Telekom services by affected customers," the company said.
“As we know, there is an attack on routers maintenance UI around the world right now. This was also confirmed by the Federal Office for Information Security. "
In order to mitigate the attack, Deutsche Telekom has implemented a series of measures on their network. At the same time, it released an updated version of the firmware for the targeted routers: Speedport W 921V and Speedport W 723V Type B. This update will prevent this malware from violating the routers accidentally or deliberately, creating a denial-of-service situation.
“Currently, an updated version of software provided to all our concerned customers who wish to fix their problem router. The installation of the software has already started and we can see the success of this measure," the company added, noting that it asked its customers affected by the attack to disconnect their routers for 30 seconds, as after restarting the malware removed from the device.
Meanwhile, Kaspersky Lab researchers report that the attack on Deutsche Telekom customers' routers comes from a variant of malware Mirai.