A British hacker has told a German court he took $10,000 from a Liberian ISP to hack almost a million German routers. He said he was sorry and that it was a mistake.
A British hacker who took almost 1 million German internet users offline was handed a suspended sentence on Friday.
The 29-year-old Daniel K. told a Cologne court he made "the worst mistake of my life" when he carried out a failed attack in November for a Liberian client who paid him $10,000 (8,500 euros at the current exchange rate).
Daniel K., who went by the online aliases Spiderman and Peter Parker, attempted to build a massive botnet by exploiting a remote-access vulnerability in home routers.
The attack used a security vulnerability in some router models manufactured by Zyxel and Speedport. The Speedport model affected was widely used by German internet service provider Deutsche Telekom.
The vulnerability revolved around a feature on the router that allowed Deutsche Telekom to configure and update the router remotely.
The attack took more than 900,000 Telekom users offline for two days as the ISP attempted to remove the infections. Users were asked to reset their routers, which removed the malware, and a new update patching the vulnerability was sent remotely.
The malware spread to a dozen internet service providers (ISP's) around the world but Telekom clients were hit the hardest.
The attack was meant to feed into the Mirai botnets, which were responsible for massive denial of service attacks through 2016 using hacked internet-connected devices such as webcams and routers.
Daniel K. told the regional court that a Liberian telecom company paid him to use the hacked routers to damage a local rival. Telekom said the attack caused 2 million euros of damage.
His lawyer said his client had downloaded the source code for the malware and that his implementation was "amateurish."
He was given a suspended sentence of one year and eight months. The maximum sentence was 10 years, and prosecutors had asked for two years. He was granted some leniency for confessing to the crimes and helping expose others.
Extradition to UK
Telekom said it was pleased that such crimes were being prosecuted in Germany, but that it was investigating whether it could take separate civil action against the Briton.
Although he won't be jailed in Germany, he is facing extradition to Britain for alleged involvement in other hacking attacks and bank blackmail cases.
He was arrested in February at London's Luton airport on a European arrest warrant for attempted computer sabotage and extradited to Germany.
Half of all German companies have been hit by cyberattacks over the past two years, according to a study by the country's digital trade group Bitkom published this month.