Slashdot Mirror

← Back to Stories (view on slashdot.org)

BrickerBot Dev Claims Cyber-Attack That Affected Over 60,000 Indian Modems (bleepingcomputer.com)

Posted by BeauHD on from the taking-responsibility dept.

An anonymous reader quotes a report from Bleeping Computer: "The author of the BrickerBot malware has claimed a cyber-attack that affected several Indian states and has caused over 60,000 modems and routers to lose Internet connectivity," reports Bleeping Computer. "The incident affected modems and routers belonging to Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL), two Indian state-owned telecommunications service providers." The BrickerBot malware infected modems that used default passwords and modems that the two ISPs left exposed via the TR069 management interface to connections from anywhere on the Internet. BrickerBot is a malware strain that affects Linux-based IoT and networking devices. Unlike other malware that hoards devices into botnets for DDoS attacks and other purposes, BrickerBot "bricks" the equipment by rewriting its flash storage with random data. In most cases this bricking effect can be reversed, but in some cases this is permanent. BSNL and MTNL had worked to fix problems but efforts were delayed after a BSNL workforce strike. The BrickerBot author also raised the alarm about similar exposed devices on the network of Pakistan Telecommunication Company Limited (PTCL). In April, the BrickerBot author claimed he bricked over 2 million devices.

1 of 32 comments (clear)

  1. Re:what's the point? by Gravis+Zero · · Score: 4, Informative

    what's the point, really?

    To remove insecure devices from the internet rather than allow bad actors to take advantage of them.

    The only victims here are people who aren't responsible for this.

    If you paid money for an insecure device, you are responsible for financing a distributor of insecure devices.

    Yes, we know shit is insecure,

    And you should also know that insecure shit is going to be bricked.

    but take it on the people responsible for this, not on the users. They will still be billed. And no one will be fired for the mistake.

    If you give enough people a headache, they will give other people a headache for it happening. Eventually, the people responsible will either change their ways or it's going to be a painful decade for them.

    --
    Anons need not reply. Questions end with a question mark.