Threat Management, Network Security, Threat Management

Hacker claims army of 3.2M home routers seized via malicious firmware update

After apologizing for accidentally knocking TalkTalk and Post Office internet subscribers offline, a hacker by the name of BestBuy claims to have now intentionally pushed a malicious firmware update to 3.2 million home routers using a modified Mirai-powered botnet.

BestBuy told Vice's Motherboard that they set up a server that would automatically connect to vulnerable routers and push a malicious firmware update to them grant him persistent access and the ability to lock out owners as well as internet providers and device manufacturers, according to a Dec. 6 report.

“They are ours, even after reboot. They will not accept any new firmware from [Internet Service Provider] or anyone, and connect back to us every time :),” BestBuy told the publication in an online chat. The hacker also shared a URL which appeared to show the live stats of the Access Control Server (ACS) used to push out the malicious updates.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.