Did Hackers Use 3 Million Electric Toothbrushes in DDoS Attack?

Did Hackers Use 3 Million Electric Toothbrushes in DDoS Attack?
Cover Image Source: Oral-B IO toothbrush with the magnetic technology IO | Getty Images | Photo by Joan Cros

The viral news claiming that three million electric toothbrushes were hacked with malware to orchestrate distributed denial of service (DDoS) attacks appears to be further from the truth. Last week, Swiss news outlet Aargauer Zeitung published a report alleging that an employee from cybersecurity firm Fortinet had disclosed the infiltration of three million electric toothbrushes with Java malware, purportedly aimed at conducting DDoS attacks against a Swiss company.


Also Read: Here's how Online Censorship is Affecting Schools Across America

"Fortinet provided specific details: information about how long the attack took down a Swiss company's website, an order of magnitude of how great the damage was. Fortinet did not want to reveal which company it was out of consideration for its customers. The text was submitted to Fortinet for verification before publication. The statement that this was a real case that really happened was not objected to," he said.

"One command is enough, and the remote-controlled toothbrushes simultaneously access the website of a Swiss company. The site collapses and is paralyzed for four hours. Millions of dollars in damage is caused," he added.

DDoS attacks, which involve inundating a website or online service with a barrage of requests to render it inaccessible to legitimate users, have become increasingly prevalent in recent years. Such attacks are typically orchestrated by leveraging a network of compromised devices, including routers, servers, and Internet of Things (IoT) devices, which are commandeered to flood the target with traffic.

In this photo illustration, a hacker with an Anonymous mask on his face and a hood on his head uses a computer | Getty Images | Photo by Chesnot
Image Source: Getty Images | Photo by Chesnot

Also Read: Costco's Return Policy Goes Viral Following Video About Customer Returning 22-Year-Old TV

While the concept of using electric toothbrushes as part of a DDoS botnet is certainly attention-grabbing, it raises practical concerns about the plausibility of such an attack. Unlike traditional IoT devices, electric toothbrushes are not typically connected directly to the internet; instead, they typically communicate via Bluetooth with accompanying mobile apps for data tracking purposes.

This raises doubts about the feasibility of remotely infecting and controlling millions of toothbrushes without a direct internet connection. Moreover, the lack of documented instances of IoT devices being exploited on such a massive scale undermines the credibility of the reported incident.

Also Read: Check out the List of Exclusive Cars and Sneakers to be Auctioned by Sotheby's


In response to the allegations, Fortinet said, "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred."

Fortunately, the likelihood of your toothbrush being recruited for such nefarious activities is minimal. So, while you continue to maintain your oral hygiene, ensure your internet-connected devices remain secure and protected.


Man Sentenced to Prison for COVID-19 Relief Fraud, Ordered to Repay $1.3M

'Can You Hear Me?' Scam Strikes Again, Better Business Bureau Warns

Share this article:  Did Hackers Use 3 Million Electric Toothbrushes in DDoS Attack?