Connect with us

Hi, what are you looking for?


IoT Security

Were 3 Million Toothbrushes Really Used for a DDoS Attack?

Three million electric toothbrushes were reportedly used for disruptive DDoS attacks, but cybersecurity experts questioned the claims.

Toothbrush DDoS attack

It has been reported that three million electric toothbrushes have been hacked and abused for a highly disruptive distributed denial-of-service (DDoS) attack, but cybersecurity experts have rushed to question the claims.

The Swiss German-language daily newspaper Aargauer Zeitung published an article describing the alleged attack on January 30. 

According to a machine translation of the article, cybercriminals installed malware on three million electric toothbrushes and used the compromised devices to simultaneously access the website of a Swiss company, which caused the site to go offline for four hours and caused millions of dollars in damages for the victim. 

“This example, which seems like a Hollywood scenario, actually happened,” the article reads, suggesting that the information comes from a representative of cybersecurity vendor Fortinet. 

Several mainstream and even some more technical and cybersecurity-focused publications picked up the story without questioning the claims. Several members of the cybersecurity community, however, immediately expressed doubts concerning the veracity of the story.

“The three million toothbrush botnet story isn’t true,” Kevin Beaumont, a reputable cybersecurity researcher wrote on Mastodon, later describing it as “total bollocks”.

Another reputable cybersecurity expert, Robert Graham, also commented on the story, pointing out that the information from Fortinet was likely misinterpreted.

Graham and others highlighted that smart electric toothbrushes are connected to smartphones and tablets via Bluetooth, not via the internet, which makes it impossible for them to directly launch DDoS or any other type of attack over the web. 

Cybersecurity firm Malwarebytes published a blog post titled “How to tell if your toothbrush is being used in a DDoS attack”. The blog post’s body reads, “It’s not”.

Advertisement. Scroll to continue reading.

Indeed, Fortinet clarified for SecurityWeek that “the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs.” 

“It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred,” the company explained. 

Fortinet has been tracking IoT botnets such as Mirai, which are responsible for significant DDoS attacks, but clarified that none of these botnets has been observed targeting toothbrushes or similar embedded devices. 

Related: Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet

Related: US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon

Related: Cloud Server Abuse Leads to Huge Spike in Botnet Scanning

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.

IoT Security

An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

IoT Security

Hikvision patches CVE-2023-28808, a critical authentication bypass vulnerability that exposes video data stored on its Hybrid SAN and cluster storage products.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

IoT Security

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing...


As smart cities evolve with more and more integrated connected services, cybersecurity concerns will increase dramatically.