Germany's rough week continues, as Deutsche Telekom recovers from the evolved Mirai botnet that disrupted service Sunday. Flashpoint researchers confirm the denial-of-service attack was Mirai-based, and that the botmasters appear to be trying to rope in more devices. Germany leads infections by a wide margin, but there are also significant infestations in the UK, Brazil, Iran, and Thailand.
One of the alleged botmasters, "BestBuy" (who's in cahoots with "Popopret"), has been chatting with Motherboard, to whom he (she? they?) boasts of the ease with which control of the bots was wrested from other criminals. BestBuy also says sorry to Deutsche Telekom customers—they didn't mean any trouble.
German Chancellor Merkel says it's not yet known who the attackers were, but she and other German politicians are clearly looking east, toward Russia. (We note, for what it's worth, that BestBuy communicates in the kind of scriptwriter's broken English favored by the Shadow Brokers.)
Germany's other bad news concerns the arrest of a BfV domestic intelligence officer alleged to be an ISIS mole feeding the Islamist group information and helping plan terror attacks. His thinly pseudonymous social media activity brought him under suspicion.
ISIS has, in its online propaganda, now officially claimed the Ohio State attacker as its soldier. In a separate case, a young man pleads guilty to US Federal terrorism charges; his allocution describes the effect of ISIS inspiration.
A new Android malware strain, "Gooligan," is out in the wild. A million Google accounts are thought to have been breached.