Home » But is it really possible to use 3 million electric toothbrushes for a hacker attack?

But is it really possible to use 3 million electric toothbrushes for a hacker attack?

by admin
But is it really possible to use 3 million electric toothbrushes for a hacker attack?

Multiple media outlets reported that three million electric toothbrushes were compromised and used as part of a botnet to conduct a DDoS attack. The new generation toothbrushes were allegedly used to flood a Swiss company with malicious traffic, paralyzing its services and causing extensive damage. The news was first reported by the Swiss newspaper Aargauer Zeitung, the attack reportedly occurred on January 30 involving three million electric toothbrushes that had been infected with malicious code.

It is true? Absolutely not!

There has always been talk about the risks of intelligent devices connected to the internet and the possibility that they can be hacked, and the newspaper also cited an employee of the security giant Fortinet as a source. And then everything seems possible, the news bounces from newspaper to newspaper, without anyone actually consulting an expert.

But at a certain point the international cybersecurity community rises up and questions the news. “The three million toothbrush story is not true,” wrote popular cybersecurity expert Kevin Beaumont on Mastodon. Other experts also shared the same opinion on the news, such as the research team of the security company Malwarebytes. Some have pointed out that electric toothbrushes have no ability to connect directly to the Internet, but use Bluetooth to connect to mobile apps. It is therefore impossible, in factory configurations, to use them to launch DDoS attacks.

At this point the omelette is done and many lash out against the newspaper, which in response to the skepticism has published a new update on the story which includes a statement from Fortinet: “On Thursday morning, several media outlets, including the Independent , released a statement from Fortinet: the case was used as an example of a DDoS attack during an interview. However, the case is not based on Fortinet research,” reads the new article published by the newspaper. “It appears that, due to translations, the narrative on this topic has been distorted to the point that hypothetical and real scenarios are becoming blurred,” the cybersecurity vendor says.

See also  Red Dead Redemption Remake Speculation Intensifies as Confirmation Emerges and August Announcement Looms

All clear, the journalist would not have understood that the Fortinet employee was describing a hypothetical attack and not a real one. But this is not the case, at least according to the Aargauer Zeitung, which adds that it had requested the company itself to verify and approve the text that would be published. The statement that this was a real case was not disputed by Fortinet before the article was published. The newspaper pointed out that during the interview, Fortinet’s Swiss representatives described the toothbrush case as a real DDoS, contradicting the company. “What Fortinet’s California headquarters now calls a ‘translation problem’ sounded completely different during the research: Fortinet’s Swiss representatives described the toothbrush case as a real DDoS in a meeting discussing current threats” , we read in the update provided by the newspaper. “Fortinet provided specific details: information on how long ago the attack took down a Swiss company’s website; an indication of how great the damage was.”

Meanwhile, Fortinet sent this statement to several international media outlets, excluding the very Swiss newspaper that had published the article of contention: “To clarify, the topic of toothbrushes used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and is not based on Fortinet or FortiGuard Labs research. It seems that due to translations the narrative on this topic has stretched to the point that hypothetical and real scenarios are becoming confused.”

The electric toothbrush mess aside, the only hard fact behind this story is that Internet of Things (IoT) devices are a prime target. Our homes, increasingly intelligent due to the presence of SmartTVs, smart refrigerators, and smart thermostats, are an easy target for bad guys, especially in light of the often ignored security requirements. Many will remember the case of smart refrigerators that were hacked years ago to send malicious emails. It is clear that the risks associated with the compromise of IoT devices are increasing. Manufacturers, regulators and users must work together to improve the security of these devices and protect themselves from potential cyber threats.

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy