Bug Bounty Hunter Accidentally Launched DDoS Attack on 911

The Maricopa County Sheriff’s Office Cyber Crimes Unit arrested Meetkumar Hiteshbhai Desai, an 18-year-old teenager from the Phoenix area, for a DDoS attack on the 911 emergency system with hang-up calls.

According to a press release from the Maricopa County Sheriff’s Office, Desai created a JavaScript exploit, which he shared on Twitter and other websites with his friends.

People accessing Desai’s link from iOS devices such as iPads and iPhones saw their devices automatically dialing and redialing 911.

As Desai told Maricopa County officers, he was only interested in discovering bugs in iOS, which he could report to Apple and thus possibly earn money or recognition among his friends.

Desai said that he received a tip about a bug in iOS, which he successfully exploited. During his tests, the teenager created several weaponized versions of this bug which would constantly dial a phone number, or show annoying popups.

The teenager says he wanted to prank his friends, thinking it would be “funny,” but when he shared the weaponized link online, he shared a version that instead of showing annoying popups, redialed a phone number, which in this case was 911.

Authorities said Desai shared the link on Twitter with over 12,000 followers. A later investigation revealed that over 1,849 people clicked on the link.

Investigators say that the iOS devices of these individuals started calling 911 numbers all over the US and hanging up. Emergency systems from Texas to California said they experienced a spike in hang-up calls.

The most affected was the Phoenix area, where Desai and most of his friends lived. The Peoria Police Department and the Maricopa County Sheriff’s Office said they received a large number of 911 hang-up calls, but the most affected was the Surprise Police Department, which received over 100 calls in a short amount of time, almost knocking its system offline.

Related posts

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars

Latest Octo Malware Variant Mimics Popular Apps Like NordVPN, Chrome