Teenage Hacker Arrested for Accidental 911 Service DDoS Attack

911

An 18-year-old teenager from Arizona was arrested after accidentally sharing an exploit that led to the 911 emergency system being flooded with hang-up calls.

Meetkumar Hiteshbhai Desai, a Pheonix-based teenager created a JavaScript exploit, according to the Maricopa County Sheriff’s Office.

“Meet”, who is an iOS bug researcher, told Sheriff’s detectives that he was a white hat researcher who got paid by the likes of Apple for discovering bugs and viruses in legitimate programs.

The hacker explained how he came about looking into a bug in the iOS platform, a discovery made by an online acquaintance who then agreed to look at the bug together.

A press release by the Sheriff’s office explained:

Meet looked at the bug and discovered that he could manipulate the function and add annoying pop ups, commands to open email and activate the telephone dialing feature on iOS cell phones by utilizing a java script code he created.

The hacker stated that he knew not to push the bug to the public as it was illegal and that people would “freak out.” Meet accidentally shared the harmful version of the exploit to the public as a Twitter link, instead of the less harmful version of the bug that would have only caused pop ups. The link was shared on a Twitter account with about 12,000 followers.

A later investigation revealed that over 1,849 people had clicked on that link. This led to the Surprise Police Department receiving well over 100 (911) hang-up calls within a matter of minutes. It was also reported that agencies in California and Texas were also affected at their respective 911 systems due to this bug.

Desai was arrested and booked into the 4th Avenue Jail by Maricopa officers on three counts of felony computer tampering on Monday, October 25.

Ironically, it was only less than 2 months ago when researchers determined that the 911 emergency system was at risk from automated DDoS attacks induced from infected smartphones, foretelling this precise scenario.

A fleet of 200,000 infected Android phones, they determined, would put at risk the entire emergency services system in the United States.

Image credit: Pixabay.