PINDROP BLOG

Suspect Arrested in Mirai Attack on Deutsche Telekom Routers

Authorities in the U.K. have arrested a man suspected of being involved in the attack last year on routers belonging to Deutsche Telekom customers, an attack that was attributed to the Mirai botnet.

On Wednesday, investigators from the British National Crime Agency arrested an unnamed 29-year-old man at an airport in London in connection with the attack. The Mirai attack on Deutsche Telekom routers occurred in November, and was designed to infect the devices with the Mirai malware. The attack didn’t completely succeed, but nearly one million DT customers were affected by the operation.

The attack targeted a vulnerability in the DT router’s remote-upgrade system, and the company’s security team was able to get a patch out quickly to mitigate the attack.

“We very much welcome the success of this international manhunt and have supported the law enforcement authorities with our experts. We are also looking into taking civil legal action against the alleged perpetrator. This case shows that the law can also be enforced in cyberspace. The arrest has been a major success against international cybercrime, which is increasingly making use of so-called botnets for large-scale attacks,” Thomas Kremer, member of the Board of Management of Deutsche Telekom AG for Data Privacy, Legal Affairs and Compliance, said in a statement.

Mirai has been blamed for several of the larger DDoS attacks that have ever been observed, including an assault on French hosting provider OVH and another on DNS provider Dyn. The malware has been used to create several discrete botnets and many of the devices recruited into the networks are IoT devices, including CCTV cameras, DVRs, and other embedded devices.

Image: Justin Morgan, CC by-Sa license.