Cybercriminals have expanded their botnet capabilities with around 3 million smart toothbrushes infected with malware, Swiss newspaper Aargauer Zeitung reported, referring to Stefan Züger, Director Systems Engineer from the Swiss branch of Fortinet. However, some experts doubt the validity of this assertion.
An unbelievable scenario that actually happened: remotely controlled toothbrushes participated in a distributed denial of service (DDoS) attack to simultaneously access and bring down the website of a company in Switzerland, according to Aargauer Zeitung.
Some smart toothbrushes use connectivity to track and improve user hygiene habits. For example, apps can then tell how well users brush their teeth.
Cybercriminals exploited gaps in the Java programming language to infect smart toothbrushes secretly. Then a single command was used to direct their requests to a targeted server.“Every device that is connected to the internet is a potential target – or can be misused for an attack,” warned Züger.
However, while the story was widely shared online, some experts share opinions that toothbrushes being involved in DDoS attacks may be a fictitious example.
“The three million toothbrush botnet story isn’t true,” Cybersecurity expert Kevin Beaumont shared on Mastodon. “It’s simply a made-up example. It doesn’t exist.”
Nonetheless, future technological advancements might make such scenarios plausible. Cybernews has already reported that cybersecurity professionals avoid smart devices for a good reason – they are easy to hack due to questionable update practices and lack of support.
Aargauer Zeitung's report shared that Züger and his team recently demonstrated an experiment on how long it would take for the internet-connected computer “without any protection” to get infected. Allegedly, the system was compromised after just 20 minutes.
Almost 50 thousand cyber incidents were filed with the Swiss Federal Office for Cybersecurity (BACS) last year, 43% more than the previous year.
Your email address will not be published. Required fields are markedmarked