In recent days, you may have heard about the terrifying botnet consisting of 3 million malware-infected electric toothbrushes. While you were absentmindedly taking care of your oral hygiene, you didn't know that your toothbrush and millions of others were being controlled remotely by nefarious criminals.
Alas, fiction is sometimes stranger than the truth. There weren't really 3 million internet-connected toothbrushes that accessed a Swiss company's website in a DDoS attack that caused millions of dollars in damage. The toothbrush botnet was just a hypothetical example that some journalists misinterpreted as having actually happened.
It apparently started on January 30 history by the German-speaking Swiss daily Aargauer Zeitung. Tom's Hardware helped pass the story into English Tuesday this week in an article titled “Three million smart toothbrushes infected with malware and used in DDoS attacks in Switzerland.”
Tom's Hardware wrote:
According to a recent report published by the Aargauer Zeitung, around three million smart toothbrushes have been infected by hackers and enslaved in botnets. The source report states that this large army of connected dental cleaning tools was used in a DDoS attack on a Swiss company's website. The company's website collapsed under the pressure of the attack, reportedly resulting in a loss of millions of euros in business.
In this particular case, the toothbrush botnet was thought to be vulnerable due to its Java-based operating system. No particular brand of toothbrush was mentioned in the source report. Normally, toothbrushes would have used their connectivity to track and improve users' oral hygiene habits, but after a malware infection, these toothbrushes were bundled into a botnet.
Does this make sense?
Security experts poked holes in the story, saying the description of the botnet appeared to be hypothetical and didn't really make sense anyway. Matthew Remacle, security researcher called That's absurd Tuesday, pointing out that smart toothbrushes simply connect to phones via Bluetooth instead of connecting directly to the internet.
“A supply chain compromise/backdoor in the toothbrush app would be like… the only way this story could be even remotely true because phones have internet and brushes toothbrush no. But it's not a toothbrush botnet, it's a telephone run-botnet like that,” he wrote.
Security expert Robert Graham said there is “no evidence that 3 million toothbrushes performed a DDoS”, and that the hypothesis proposed by a security company was “misinterpreted by a journalist”.
“What is wrong with you guys???? There are no details, like who is the DDoS target? what brand were the toothbrushes? how are they connected to the internet (hint: they are) t, they are Bluetooth)?” Graham wrote.
Security company: fiction and reality were “blurred”
The hypothesis originally came from security company Fortinet. A 404 Press article Yesterday, which debunked the viral story, cited Fortinet as confirming that the botnet was not real. “FortiGuard Labs has not observed Mirai or other IoT botnets targeting toothbrushes or similar embedded devices,” Fortinet said.
Tom's Hardware has since updated his storyquoting Fortinet explaining:
To clarify, the topic of toothbrushes used in DDoS attacks was presented in an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs . It seems that due to translations, the narrative on this topic has been stretched to the point that the hypothetical and real scenarios are blurred.
The Tom's Hardware update cites the German-language article about the toothbrush botnet as saying the incident “actually happened.” Running the German text through Google Translate produces the following: “This example, which sounds like a Hollywood scenario, actually happened.”
The German-language newspaper published a follow-up article today which cites Fortinet's statement that the toothbrush botnet was not real.
Given the doubts about whether this scenario would work as a hypothesis, we contacted Fortinet to ask for details on how a toothbrush botnet could work if hackers were determined to make it happen. We will update this article if we get a response.
“What’s next, malware-infected dental floss?” »
In addition to Tom's Hardware, ZDNet broadcast fiction in English with a history titled “3 million smart toothbrushes were just used in a DDoS attack. Really.”
“What’s next, malware-infected dental floss?” » asked ZDNet. ZDNet acknowledged that this didn't really happen in a way Updated version of the article which insists that the attack “could happen”.
The Independent, a British online news site, similarly backpedaled. It is original story was titled “Millions of hacked toothbrushes used in Switzerland cyberattack, report says.” The Independents New version is titled “Millions of Hacked Toothbrushes Could Be Used in Cyberattack, Researchers Warn.” »
Graham yesterday praised Fortinet for “Do the right thing” by clearly telling the media that the botnet story was false. Although he blamed journalists for the misinterpretation, Graham also criticized Fortinet for making “vague and unsubstantiated claims” about “something that could happen “.
“This whole thing is bullshit,” he wrote.