Authorities in Arizona say a teenage hacker disrupted the emergency 911 system for the Phoenix metro area and surrounding states this week with a malicious link shared on social media.
The Maricopa County Sheriff’s Office announced the arrest Thursday of Meetkumar Hiteshbhai Desai, an 18-year-old self-described iOS developer accused of being responsible for what authorities called a potentially dangerous cyberattack waged against critical infrastructure.
Mr. Desai has been charged with three counts of felony computer tampering related to a cyberattack police say he caused Tuesday night by spreading a malicious link that nearly crashed the emergency call systems used by the Surprise Police Department.
The Surprise Police received over 100 emergency calls within minutes Tuesday evening and was “in immediate danger of losing service” because smartphone and tablet users were opening a malicious link hosted on the young man’s website, the the Sheriff’s Office said in a statement.
Investigators were able to quickly shut down the site and identify Mr. Desai as its owner, according to the Sheriff’s Office. He was soon brought in for questioning and detailed how the attack unfolded, the statement said.
Mr. Desai allegedly told police that he had accidentally placed a modified javascript code on his website that forced iOS devices to phone the police when opened. The Sheriff’s Office said he claimed he intended to upload a non-harmful, “funny” script to his website that would force devices to reboot when opened, when may have accidentally pushed out the harmful version that dialed 911 instead.
“Meet stated that although he did add that feature to the bug he had no intention of pushing it out to the public, because he knew it was illegal and people would ’freak out,’” the Sheriff’s Office said in a statement. “Meet later claimed that he developed these malicious bugs and viruses to be recognized in the hacker and programming community as someone who was very skilled.”
Authorities say the malicious link that executed the code was being widely shared Tuesday night on Twitter, and was posted in response to a YouTube video uploaded to a channel called “TheHackSpot.” A Twitter account in the hacker’s name posted a screenshot Wednesday afternoon that indicated his website had been receiving thousands of hits.
In addition to nearly crippling the 911 system used by police in Surprise, authorities said the malicious link resulted in bogus calls being similarly placed with the Peoria Police Department, the Maricopa County Sheriff’s Office and agencies in California and Texas.
Researchers at Israel’s Ben-Gurion University warned in a report last month that the emergency systems for entire states could be easily crippled by compromising only about 6,000 smartphones and forcing those devices to make automated calls. Last year, hackers were able to infect roughly 650,000 Chinese smartphones with malware and use those devices to wage a telephonic distributed denial-of-service attack that knocked a website offline.
Mr. Desai was arrested Thursday and booked at 4th Avenue Jail in Phoenix. He was no longer listed as an active inmate on the Maricopa County Sheriff’s Office website as of Saturday, but could not immediately be reached for comment.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.