Did a hacker gang create a botnet out of 3 million electric toothbrushes? The answer is: No, but you’d be forgiven for having believed that was the case since a viral news story made the rounds earlier this week claiming it was so.
The story in question was published by a Swiss newspaper, Aargauer Zeitung , and claimed that three million electric toothbrushes had been tied into a botnet, which was then used by cybercriminals to carry out a financially damaging DDoS attack on a Swiss company’s website. The source of the story was researchers from Fortinet , a well-known security company based in California.
This story, which sounded just crazy enough to be true, was subsequently recycled by numerous English-speaking outlets , including Tom’s Hardware, ZDNet, and others. There was a certain logic to it. Cybercriminals can be very creative when it comes to using smart hardware to build malicious networks; the Mirai cybercriminals notably used over 100,000 smart devices to build one of the most notorious botnets ever. Why not use a smart toothbrush or two?
The problem, however, is that not all smart devices are built alike. The toothbrush story unraveled after security experts on X began chiming in about the ridiculousness of this scenario . Some said it was impossible, given that smart toothbrushes connect to Bluetooth , not the internet. A story from 404 Media cited skeptical security experts, who called into question the validity of the narrative.