German Telecom Service Deutsche Telekom confirmed that the connectivity problems that 900.000 had from its customers on Sunday were the result of a hack attempt.
“Following the latest findings, it appears that some of Deutsche Telekom's client routers were affected by an external attack. Our network was not affected in any way. The attack tried to infect routers with malicious software, and although it failed, it caused problems and restrictions on 4 to 5 percent of our clients' routers. This resulted in limited use of Deutsche Telekom's services by affected customers, ”the company said.
“As we know, there is an attack on routers maintenance UI around the world right now. This was also confirmed by the Federal Office for Information Security. "
In order to mitigate the attack, Deutsche Telekom has implemented a series of measures on their network. At the same time, it released an updated version of the firmware for the targeted routers: Speedport W 921V and Speedport W 723V Type B. This update will prevent this malware from violating the routers accidentally or deliberately, creating a denial-of-service situation.
“Currently, a software update is provided to all our interested customers who wish to fix the router problem. The software installation has already begun and we can see the success of this measure, ”the company added, and asked its customers who were affected by the attack to disconnect their router for 30 seconds, after the malicious software was restarted. is removed from the device.
Meanwhile, Kaspersky Lab researchers report that the attack on Deutsche Telekom customers' routers comes from a variant of malware Mirai.