IoT malware author may have taken out ISP provider

News by Robert Abel

An innocent ISP provider may have temporarily been taken out in the midst of a turf war over modems by two malware families.

The dispute likely caused an outage suffered by ISP Sierra Tel on 10 April at the beginning of the month and caused customers to loose internet and telephone connectivity, according to Bleeping Computer.

The company admitted in an 11 April statement that it was the victim of a “malicious hacking event” shutting down initial rumours of the outage being caused by a botched firmware update. The attack affected the Zyxel modems model HN-51 and made it so that they couldn't connect to the network anymore.

Sierra Tel said in the release that the malware was launched simply to simply cause a disruption and that similar attack have often but not always involved lone hackers and amateur troublemakers. It took the firm nearly two weeks to repair all of the modems affected in the attack, according to an 21 April Facebook post on the company's page.

While the exact cause of the outage is unclear, Janit0r, a man claiming to be the creator of Brickerbot, told Bleeping Computer that his malware along with another malware family may have caused the incident.

"BrickerBot was active on the Sierra Tel network at the time their customers reported issues," Janit0r told the publication, "but their modems had also just been mass-infected with malware, so it's possible some of the network problems were caused by this concomitant activity."

The hackers went on to suggest that that Mirai was the other culprit responsible for infecting the modems adding that his malware was designed to go after the same devices targeted by other IoT malware and that Brickerbot is designed render targets useless, similar to the Sierra Tel devices, if it fails to secure its target.

It is also possible that other IoT malware families such as Hajime, Wifatch, Gafgyt, Imeij and others. The alleged hacker came to the ISP providers defence and applauded the firm for owning up to being hit with malware. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews