Teenage Hacker Arrested For Disrupting 911 Service With DDoS Attack
Just last month, researchers explained how an attacker can knock the 911 service offline in an entire state by launching automated Distributed Denial of Service (DDoS) attacks using a botnet of just 6000 smartphones.
But, doing so, in reality, could not only land public in danger but the attacker as well.
The same happened to an 18-year-old teen from Arizona, who was arrested this week following a severe disruption of 911 emergency systems caused due to one of his iOS exploits.
Meetkumar Hiteshbhai Desai discovered an iOS vulnerability that could be exploited to manipulate devices, including trigger pop-ups, open email, and abuse phone features, according to a press release from the Cyber Crimes Unit of Maricopa County Sheriff’s Office.
In order to prove the flaw, Desai allegedly created several exploits and posted a link to one of his JavaScript exploits on his Twitter account and other websites.
People accessing the exploit link from their iPhones and iPads were forced to call 911 non-stop, which flooded a 911 call center with more than 100 hang-up calls within a “matter of minutes” earlier this week.
After being notified of disruption to the 911 service around the Phoenix, Arizona, area, investigators immediately launched an investigation and traced the Twitter link back to a web page registered to ‘Meet Desai.’
The authorities identified Desai as the possible suspect behind the attack against the 911 service and took him into custody late Wednesday.
On his part, Desai claimed he just meant to upload a script that simply displayed pop-ups and caused iOS devices to reboot, but he mistakenly published a link to an exploit that caused iOS devices to dial 911 and hang up continually.
According to authorities, Desai shared the critical iOS exploit on Twitter with over 12,000 followers, out of which over 1,849 clicked on that link.
Maricopa officers arrested Desai, took him to jail and booked him on three counts of felony computer tampering charges, on Monday, October 24.
Source | thehackernews