Hacker claims army of 3.2M home routers seized via malicious firmware update

After apologizing for accidentally knocking TalkTalk and Post Office internet subscribers offline, a hacker by the name of BestBuy claims to have now intentionally pushed a malicious firmware update to 3.2 million home routers using a modified Mirai-powered botnet.

BestBuy told Vice's Motherboard that they set up a server that would automatically connect to vulnerable routers and push a malicious firmware update to them, granting him persistent access and the ability to lock out owners as well as internet providers and device manufacturers, according to a Dec. 6 report.

“They are ours, even after reboot. They will not accept any new firmware from [Internet Service Provider] or anyone, and connect back to us every time :),” BestBuy told the publication in an online chat. The hacker also shared a URL which appeared to show the live stats of the Access Control Server (ACS) used to push out the malicious updates.
