British police arrested a 29-year-old man at a London airport Wednesday in relation to the “computer sabotage” of Deutsche Telekom, Motherboard reports, in an operation involving Europol, Eurojust, and German, British and Cypriot law enforcement. If found guilty, he faces six to ten years in jail.
Authorities believe the suspect may be the hacker known as BestBuy, the criminal mastermind that used Mirai malware to exploit hundreds of thousands of home routers and shut down the internet for a million Deutsche Telekom users in November.
At the time, Motherboard reached out to BestBuy, who admitted to the attack.
“I would like to say sorry to [Deutsche Telekom] customers—it was not our intention,” BestBuy, who claimed to be working with a hacker called Popopret, said in an interview with Motherboard.
This attack was part of a series carried out by DVRs, routers and surveillance cameras infected with Mirai. BestBuy took the Mirai code, which was shared online by its author, and added the new vulnerabilities he discovered. The modified version was available for anyone willing to pay, making it easy to launch DDoS attacks through hacked IoT devices.
Although other hackers have been arrested in relation to DDoS attacks and services, the recent arrest at a London airport is the first officially linked to the long list of Mirai attacks around the world, including anti-spam company Spamhaus and Liberia.