Conversation

Notices

  1. Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 07-Feb-2024 06:04:07 JST

    The three million toothbrush botnet story isn’t true.

    • Nick Schiwy (itsshevee@tusky.town)'s status on Wednesday, 07-Feb-2024 06:10:19 JST

      @GossiTheDog I don't even know if you're just shitposting or if that is a real fake thing but I'm now in love with the idea of a toothbrush botnet

    • Tom Sellers (tomsellers@infosec.exchange)'s status on Wednesday, 07-Feb-2024 07:18:41 JST

      @GossiTheDog

      Here is a Fortinet PDF for the Is my toothbrush really smart? presentation by Axelle Apvrille at Troopers in 2018. I suspect this information is what they are referencing in the article.

      https://filestore.fortinet.com/fortiguard/research/toothbrush.pdf

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 07-Feb-2024 07:21:01 JST

      The toothbrush thing has gone viral despite it being total bollocks.

      Attachments

      1. https://cyberplace.social/system/media_attachments/files/111/886/861/351/238/823/original/8320020fd1bc0c6b.png
    • Taggart :donor: (mttaggart@infosec.town)'s status on Wednesday, 07-Feb-2024 07:25:49 JST

      @GossiTheDog Aw dang, thanks for sharing this. But the archive.is link doesn't actually let you read the story. It's obscured even in that form by other text.

    • Oriel Jutty :hhHHHAAAH: (barubary@infosec.exchange)'s status on Wednesday, 07-Feb-2024 07:53:54 JST
      • Taggart :donor:

      @GossiTheDog @mttaggart That says the toothbrush incident actually happened, despite sounding like a Hollywood scenario.

    • Taggart :donor: (mttaggart@infosec.town)'s status on Wednesday, 07-Feb-2024 08:00:32 JST
      in reply to
      • Oriel Jutty :hhHHHAAAH:

      @barubary @GossiTheDog I think this is a translation issue, as the article was written in German. I believe Kevin is correct that this is hypothetical.

    • Euph0r14 (euph0r14@infosec.exchange)'s status on Wednesday, 07-Feb-2024 08:32:59 JST

      @GossiTheDog The article says it’s true, I’m not sure what translating tools are outputting but I am German so I will translate a section:

      (Rough translation from me:)

      The electric toothbrush runs on Java, and without any warning or notice criminals were able to install malware on it - just like 3 million other toothbrushes. One command is enough and at the exact same time the remote-controlled toothbrushes request the website from a Swiss company. The site collapses and is unresponsive for 4 hours. Causing damages in the millions.

      An example that sounds like a Hollywood scene, but which really happened.

      (German OG below)

      Die elektrische Zahnbürste ist mit Java programmiert, und unbemerkt haben Kriminelle darauf eine Schadsoftware installiert - wie auf 3 Millionen anderen Zahnbürsten auch. Ein Befehl genügt, und die ferngesteuerten Zahnbürsten rufen gleichzeitig die Website einer Schweizer Firma auf. Die Seite bricht zusammen und ist für vier Stunden lahm gelegt. Es entsteht ein Schaden in Millionenhöhe.
      Das Beispiel, das wie ein Hollywood-Szenario daherkommt, hat sich wirklich so zugetragen.

      Attachments

      1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/111/887/108/853/587/700/original/c3663e067a36988a.png
    • Euph0r14 (euph0r14@infosec.exchange)'s status on Wednesday, 07-Feb-2024 08:39:08 JST
      • Sergiu Gatlan
      • Taggart :donor:
      • Oriel Jutty :hhHHHAAAH:

      @GossiTheDog @mttaggart @barubary @serghei

      This news article claims this happened, but my guess is that what actually happened is this:

      Journalist talks with guy from Fortinet, Fortinet guy explains how a botnet of 3 million devices took down a Swiss company's site, journalist asks what devices, Fortinet guy talks about different things (like smart home devices / IoT) and mentions that even a smart toothbrush could be part of such a botnet.

      And the rest is history.

    • Michael Slattery (slatteryz@todon.eu)'s status on Wednesday, 07-Feb-2024 08:39:49 JST
      in reply to
      • Tom Sellers

      @TomSellers @GossiTheDog "Damage teeth and gums with high speed motor"

    • Tom Sellers (tomsellers@infosec.exchange)'s status on Wednesday, 07-Feb-2024 08:39:51 JST

      @GossiTheDog It's also 6 years old. Seems I skimmed a bit too fast.

    • Euph0r14 (euph0r14@infosec.exchange)'s status on Wednesday, 07-Feb-2024 08:49:43 JST
      • Sergiu Gatlan
      • Taggart :donor:
      • Oriel Jutty :hhHHHAAAH:
      • Euph0r14

      @GossiTheDog @Euph0r14 @mttaggart @barubary @serghei I tried doing some rudimentary German language searches for big DDoS attacks against Swiss companies and didn’t find something which would fit (would have certainly been in the news?)

      Nothing mentioning 3 million devices.

      I did find DDoS attacks from ~2016 against major Swiss online shopping sites, so maybe this could be meant? They went down for a few hours and could have done millions in damages.

    • Euph0r14 (euph0r14@infosec.exchange)'s status on Wednesday, 07-Feb-2024 08:55:58 JST
      • Sergiu Gatlan
      • Taggart :donor:
      • Oriel Jutty :hhHHHAAAH:
      • Euph0r14

      @GossiTheDog @Euph0r14 @mttaggart @barubary @serghei yeah NoName, seems to be a bit of a bogeyman in Swiss news (or news in general).

      But I don’t think that example relates to NoName, so I wonder how this came to be.

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 07-Feb-2024 17:33:48 JST

      Now NoName have picked up the fake toothbrush story as propaganda for their members.

      Attachments

      1. https://cyberplace.social/system/media_attachments/files/111/889/271/414/676/104/original/ad1cd58a7d71be97.jpeg
    • Christian Kündig (chkuendig@ioc.exchange)'s status on Wednesday, 07-Feb-2024 19:09:05 JST

      @GossiTheDog The weird thing is that in this linked interview, the Fortinet exec claims this really happened to some Swiss firm and caused millions in damage during its 4h outage (which also just doesn't pass the smell test)

    • Samuel Leuenberger (leuenberg@cyberplace.social)'s status on Wednesday, 07-Feb-2024 22:06:46 JST

      @GossiTheDog Thanks to you the French-speaking IT media are starting to debunk this story (with proper credits inside the article):

      https://www.lemondeinformatique.fr/actualites/lire-une-attaque-ddos-via-des-brosses-a-dents-connectees-un-scenario-fiction-92904.html

    • Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 08-Feb-2024 00:15:59 JST

      Fortigate haven’t replied to my PR question about it. Given this is several times the size of the world’s biggest botnet, you’d think they’d have any evidence.. at all.

      Attachments

      1. https://cyberplace.social/system/media_attachments/files/111/890/851/815/525/005/original/5ecb2e968102f57c.png
    • Loman-Feusagach (lomanfeusagach@mastodon.social)'s status on Thursday, 08-Feb-2024 00:32:46 JST

      @GossiTheDog it is amazing how quickly it spread without any fact checking.

    • Ti Kallisti (bartmoss_h4x0r@corteximplant.com)'s status on Thursday, 08-Feb-2024 08:00:43 JST

      @GossiTheDog The source said it actually happened, though, right?
      Are they lying?

    • 0ddj0bb Is At Cyphercon (0ddj0bb@infosec.exchange)'s status on Thursday, 08-Feb-2024 08:01:28 JST

      @GossiTheDog the German in the archive link seems to indicate the example actually happened though.

    • Heretical_i (heretical_i@kafeneio.social)'s status on Thursday, 08-Feb-2024 08:05:18 JST

      @GossiTheDog Tom's Hardware website quotes another paywalled news site at the bottom. I see no reason to believe it isn't legit and Tom's is legit, but I don't know YOU from a hole in the ground. Here. ZDNet. No one's retracting this https://www.zdnet.com/home-and-office/smart-home/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really/ https://www.aargauerzeitung.ch/wirtschaft/kriminalitaet-die-zahnbuersten-greifen-an-das-sind-die-aktuellen-cybergefahren-und-so-koennen-sie-sich-schuetzen-ld.2569480

      Attachments

      1. 3 million smart toothbrushes were just used in a DDoS attack. Really
        from @ZDNET
        What's next, malware-infected dental floss? But seriously: It's a reminder that even the smallest smart home devices can be a threat. Here's how to protect yourself.
      2. Cyber threats: how to protect yourself
        from Ann-Kathrin Amstutz
        The number of attacks is reaching unimaginable heights, as new data from the cybersecurity firm Fortinet shows. Which developments are cause for concern and why there is nonetheless reason for confidence.
    • Simon (smrqdt@chaos.social)'s status on Thursday, 08-Feb-2024 10:22:35 JST

      @GossiTheDog To be fair, the second paragraph states: “This example, which looks like a Hollywood scenario, really happened.”, so the original journalist already got it wrong… But funny, how a very small, local Swiss newspaper caused this.

    • Lukas (darkcisum@swiss.social)'s status on Thursday, 08-Feb-2024 17:39:20 JST

      @GossiTheDog As a Swiss I saw it as my duty to send the editors and author an email requesting a correction of the original article...
