An internet service outage that began this past Sunday and affected 900,000 Deutsche Telekom subscribers was the result of a failed botnet attack that targeted home routers the service provider supplied, according to Deutsche Telekom and media reports.
Deutsche Telekom says the attack was part of a worldwide attempt to embed malware on subscribers’ routers via an open maintenance port. Press reports identified the malware as a variant of Marai, a botnet malware program responsible for recent internet outages on the U.S. East Coast. The malware was intended to infect the customer routers, which could be used to launch DDOS attacks. However, the malware malfunctioned and caused the routers to crash or otherwise lose the ability to access Deutsche Telekom’s network.
Customers received the routers from Deutsche Telekom, which offers them under the Speedport brand, Reuters reports. The German incumbent service provider says it has blocked access to the maintenance port and created software fixes that will enable its customers to use their routers safely.
The source of the botnet attack remains under investigation.
For related articles, visit the Network Design Topic Center.
For more information on high-speed systems and suppliers, visit the Lightwave Buyer’s Guide.
