Failed botnet attack at root of Deutsche Telekom outage

Nov. 29, 2016

An internet service outage that began this past Sunday and affected 900,000 Deutsche Telekom subscribers was the result of a failed botnet attack that targeted home routers the service provider supplied, according to Deutsche Telekom and media reports.

Stephen Hardy

Deutsche Telekom says the attack was part of a worldwide attempt to embed malware on subscribers’ routers via an open maintenance port. Press reports identified the malware as a variant of Marai, a botnet malware program responsible for recent internet outages on the U.S. East Coast. The malware was intended to infect the customer routers, which could be used to launch DDOS attacks. However, the malware malfunctioned and caused the routers to crash or otherwise lose the ability to access Deutsche Telekom’s network.

Customers received the routers from Deutsche Telekom, which offers them under the Speedport brand, Reuters reports. The German incumbent service provider says it has blocked access to the maintenance port and created software fixes that will enable its customers to use their routers safely.

The source of the botnet attack remains under investigation.

For related articles, visit the Network Design Topic Center.

For more information on high-speed systems and suppliers, visit the Lightwave Buyer’s Guide.

About the Author

Stephen Hardy | Editorial Director and Associate Publisher

Stephen Hardy has covered fiber optics for more than 15 years, and communications and technology for more than 30 years. He is responsible for establishing and executing Lightwave's editorial strategy across its digital magazine, website, newsletters, research and other information products. He has won multiple awards for his writing.

Contact Stephen to discuss: