On Wednesday Feb 22 2017, law enforcement authorities arrested a 29-year-old British suspect at the Luton airport in London. Some suspect that the man is a hacker known as “BestBuy”, who is responsible for the massive Deutsche Telekom breach.
The Federal Criminal Police Office (BKA) in Germany announced the arrest of the suspect on Thursday. The 29-year-old is charged with computer sabotage against Deutsche Telekom. According to law enforcement authorities, the police operation was a joint action between local police, British and Cypriot law enforcement agencies, with help from Europol and Eurojust.
“BestBuy is down,” Jack B., one of the anonymous researchers behind the initiative, told the media. He published his researchers of the investigation, which could be found here.
At the end of last year, hackers took over millions of Internet of Things (IOT) devices using a specific malware called Mirai. The cybercriminals rented out the massive botnet they created, so anyone could use it to take down websites and servers with DDoS attacks. This botnet is responsible for internet outages and cyber attacks on several countries and institutions.
If law enforcement authorities really arrested BestBuy, it “would be a great blow to some of the Mirai operations,” according to Marshal Webb, chief technology officer at BackConnect and a researcher who’s followed Mirai for months, told the media. “There are only a handful of Mirai operators that actually have an idea of what they are doing. Bestbuy/Popopret were an example of the competent ones that could actually achieve numbers capable of doing damage.”
On Thursday, Deutsche Telekom published a statement regarding the hacker’s arrest.
“We welcome the international search success very much, and have supported the law enforcement authorities with our experts,” Thomas Kremer, a member of the board of directors, responsible for data protection, law, and compliance at Telekom, said in a statement. “We will also examine civil law steps against the alleged offender. The example shows that the law can also be enforced in cyberspace.”
According to Kremer, the arrest is a great success against international cybercriminals. Companies in many countries suffered massive breaches from hackers using Mirai botnets. With BestBuy arrested, law enforcement authorities have a chance to acquire intel how cybercriminals conduct such attacks, and how to prevent them from happening.
“This is an unprecedented success,” Daniel Vollmert, press officer for economic matters at the Cologne Public Prosecutor’s Office, said in relief. According to the prosecutor’s office, the BKA, which prepared the arrest of the suspect in the United Kingdom with close cooperation with British law enforcement authorities, carried out the investigations in the case. Officials of the Federal Criminal Police Office are now involved in further investigations in London.
The 29-year-old is the first person to be publicly accused of launching cyber attacks using Mirai. According to German authorities, the British man could face six to ten years in prison for his crimes.