Failed malware attack disrupts internet services in Germany

An apparent failed malware attack led to broadband outages for an estimated 900,000 customers of German telecoms operator Deutsche Telekom.

Deutsche Telekom said it believes an attack on maintenance interfaces is taking place worldwide, potentially alluding to the Mirai IoT botnet making headlines with its disruptive DDoS attacks.

Reports suggest that a new variant of Marai targets a flaw in the Simple Object Access Protocol service embedded in router products from a specific manufacturer popular in Germany.

The operator said the attack attempted to infect routers with malware but failed, resulting in crashes or restricted use of Deutsche Telekom services. But media reports suggest that at least some routers may have been infected.

At no time was Deutsche Telekom's network infected, according to the company, and filter measures have been implemented to protect the network.

Affected customers should be able to simply reboot their routers to restore service, and any infection should be flushed by conducting the reboot, the operator said.

Deutsche Telekom has also worked with software manufacturers to develop a software update to patch the exploit the malware had been attempting to exploit.

The attack affected around 900,000 of Deutsche Telekom's 20 million customers.

Image courtesy of redcctshirt under CC