It has been reported that three million electric toothbrushes have been hacked and abused for a highly disruptive distributed denial-of-service (DDoS) attack, but cybersecurity experts have rushed to question the claims. The Swiss German-language daily newspaper Aargauer Zeitung published an article describing the alleged attack on 30 January 2024. According to a machine translation of the article, cybercriminals installed malware on three million electric toothbrushes and used the compromised devices to simultaneously access the website of a Swiss company, which caused the site to go offline for four hours and caused millions of dollars in damages for the victim.
“This example, which seems like a Hollywood scenario, actually happened,” the article reads, suggesting that the information comes from a representative of cybersecurity vendor Fortinet. Several mainstream and even some more technical and cybersecurity-focused publications picked up the story without questioning the claims. Several members of the cybersecurity community, however, immediately expressed doubts concerning the veracity of the story.
“The three million toothbrush botnet story isn’t true,” Kevin Beaumont, a reputable cybersecurity researcher wrote on Mastodon, later describing it as “total bollocks”.
Another reputable cybersecurity expert, Robert Graham, also commented on the story, pointing out that the information from Fortinet was likely misinterpreted.
Graham and others highlighted that smart electric toothbrushes are connected to smartphones and tablets via Bluetooth, not via the internet, which makes it impossible for them to directly launch DDoS or any other type of attack over the web.
Cybersecurity firm Malwarebytes published a blog post titled “How to tell if your toothbrush is being used in a DDoS attack”. The blog post’s body reads, “It’s not”.
Fortinet stated that “the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs.” “It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred,” the company explained. Fortinet has been tracking IoT botnets such as Mirai, which are responsible for significant DDoS attacks, but clarified that none of these botnets has been observed targeting toothbrushes or similar embedded devices.
Just to be on the safe side, Red Sky Alliance recommends that electric toothbrush users keep their toothbrush in a faraday cage, right next to their tin foil hats.
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. redskyalliance. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
https://www.securityweek.com/3-million-toothbrushes-abused-for-ddos-attacks-real-or-not/
Comments