Talk Talk And Post Office Broadband Taken Offline After Mirai Botnet Hack Attack

Mirai botnet strikes again, attacking routers and cutting-off broadband

Broadband customers of Talk Talk and the Post Office have found themselves cut-off from the Internet after a hack attack was made against their routers.

A spokeswoman told the BBC that a problem arose on Sunday that affected the broadband of 100,000 of its customers, and Talk Talk confirmed that is was suffering similar problems and has been working on a fix.

The problems appear to have stemmed from the Mirai botnet, which was used to exploit a vulnerability in the Zyxel AMG1302-T10B wireless routers used by the Post Office and the D-Link DSL-3780 uses by Talk Talk, though the latter said only a small number of its customers had been affected.

“We would like to reassure customers that no personal data or devices have been compromised,” the Post Office’s spokeswoman told the BBC.

“We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers.

Mirai attacks again

ENISA botnet reportThe Mirai botnet, already infamous for being used to affect the services of Spotify, Twitter and Reddit, was also used to target the Zyxel router used by internet service provider (ISP) Kcom, though the company said most of its customers are now back online with their broadband service running as usual.

No hacker group or individual has claimed responsibility for the attack at the time of writing.

While the worst of the attack appears ot be over Mark James, IT security specialist at ESET, noted that such router attacks are not to be taken lightly.

“Router attacks or compromises could form considerable risk. For the consumer, the single point of failure that has all their internet data travelling through is their router,” he said in a statement sent to Silicon UK.

“Regardless of the connection internally, if the router is hijacked then in most cases the ability to filter traffic through to any website they choose is as simple as changing DNS servers. Quite simply, if your router gets compromised then all traffic could in theory be tampered with.

“Ensuring your home router is on the latest version of its firmware and that the default credentials are changed as soon as possible is of utmost importance in keeping you and your data safe. If you find your router is too old to be updated then ideally you should consider a newer one that is being maintained.

“The trouble is, as it’s often an “install and forget” device gathering dust on a shelf or even in a cupboard, it’s usually last on the list of devices being monitored. Ideally you should check all your internet enabled devices to see if they have been or could be updated and proceed with utmost urgency if found to be out of date.”

For Talk Talk another high profile hack will not do much for the company’s reputation, given was recently hit with a £400,000 fine due to negligence over a major hack and data leak in 2015.

Can you protect your privacy online? Take our quiz!