TalkTalk and Post Office routers hit by cyber-attack

December 1, 2016 3:33 pm Published by

TalkTalk and Post Office routers hit by cyber-attack

TalkTalk logoImage copyright
Getty Images

Image caption

Some TalkTalk customers cannot access the internet

TalkTalk and Post Office broadband customers have had their online access cut by an attack targeting certain types of internet routers.

A spokeswoman for the Post Office told the BBC that the problem began on Sunday and had affected about 100,000 of its customers.

Talk Talk also confirmed that some of its customers had been affected, and it was working on a fix.

It is not yet known who is responsible for the attack.

Earlier in the week, Germany’s Deutsche Telekom revealed that up to 900,000 of its customers had lost their internet connection as a result of the attack.

Image copyright
Getty Images

Image caption

The Post Office provides a broadband service that runs off the back of TalkTalk’s service

It involves the use of a modified form of the Mirai worm – a type of malware that is spread via hijacked computers, which causes damage to equipment powered by the Linux operating system.

Mirai was also involved in an earlier attack that caused several of the world’s leading websites to become inaccessible, including Spotify, Twitter and Reddit.

Several models of router are vulnerable to the latest cyber-assault, including the Zyxel AMG1302, which is used by the Post Office.

“We would like to reassure customers that no personal data or devices have been compromised,” said the Post Office’s spokeswoman.

“We have identified the source of the problem and implemented a resolution which is currently being rolled out to all customers.

“For those customers who are still having problems, we are advising them to reboot their router.”

Image copyright

Image caption

Zyxel’s AMG1302 router fell victim to the Mirai worm

The same router is also used by Kcom, an internet service provider (ISP) based in Hull, whose customers have also been affected.

“The vast majority of our customers are now able to connect to and use their broadband service as usual,” the firm said in a statement.

“Our core network was not affected at any time and we have put in place measures to block future attacks from impacting our customers’ routers and their ability to access the internet.”

Attack widens

Security researchers have also suggested that TalkTalk’s D-Link DSL-3780 routers are also vulnerable to the Mirai malware.

According to the Downdetector website, TalkTalk customers have reported disruption to their internet service over the past days.

A spokeswoman from the firm confirmed that its DSL-3780 routers were affected but said only a small percentage of its customers used them.

Categorised in:

This post was written by FSB News