
Hacker claims army of 3.2M home routers seized via malicious firmware update

December 8, 2016

After apologizing for accidentally knocking TalkTalk and Post Office internet subscribers offline, a hacker by the name of BestBuy claims to have now intentionally pushed a malicious firmware update to 3.2 million home routers using a modified Mirai-powered botnet.

BestBuy told Vice's Motherboard that they had set up a server that would automatically connect to vulnerable routers and push a malicious firmware update to them, granting persistent access and the ability to lock out owners as well as internet providers and device manufacturers, according to a Dec. 6 report.

“They are ours, even after reboot. They will not accept any new firmware from [Internet Service Provider] or anyone, and connect back to us every time :),” BestBuy told the publication in an online chat. The hacker also shared a URL which appeared to show the live stats of the Access Control Server (ACS) used to push out the malicious updates.
