dslreports logo
 story category
Mirai Malware Takes 1 Million German Broadband Users Offline

Almost 1 million Deutsche Telekom customers in Germany have been struggling to get online since Sunday afternoon thanks to what's believed to be an attack on poorly-secured and older DSL modems. According to SANS, the outage appears linked to an evolution in the Mirai malware, which scans for vulnerable routers and internet of things devices with weak default credentials, and incorporates them as part of historically large DDoS attacks.

Click for full size
This latest evolution appears to use a recently documented SOAP exploit to automatically infect older, but popular DSL routers and other devices.

Deutsche Telekom has released a firmware update for its impacted routers that requires customers to reboot the router to be automatically installed.

Deutsche Telekom tells the BBC that the number of impacted customers dropped to closer to 400,000, but the problem is ongoing for many European users.

"There is no error pattern: some customers are experiencing temporary problems or very marked fluctuations in quality, but there are also customers for whom the service is not working at all," Deutsche Telekom said in a statement on its website.

"Based on the error pattern, we cannot exclude the possibility that the routers have been targeted by external parties with the result that they can no longer register on the network," adds the European ISP, somewhat downplaying the scale of dysfunction on display here.

Most recommended from 32 comments



SysOp
join:2001-04-18
Atlanta, GA

11 recommendations

SysOp

Member

User: Admin Pass: Admin

People are too lazy to program the time on their microwave, let alone change the default password on their routers.

You know who you are.

(...sets time on microwave)