Nude photos of female celebrities including actresses Jennifer Lawrence, Cat Deeley, and Mary Elizabeth Winstead and singers Avril Lavigne and Rihanna were stolen from Apple's cloud storage system and posted on online messageboard 4chan about a week ago. The FBI is investigating that incident.
Spark said it was ware that when people clicked on some celebrity nude snaps, they've inadvertently installed the kind of software that created distributed denial of service (DDoS) attacks such as this weekend's.
"There's no way for us to tell whether they have caused the [problems] today," Spark spokesman Conor Roberts said this evening. "They could have."
Spark spokesman Richard Llewellyn earlier said a high volume of traffic appeared to be affecting the ability of customers to browse intermittently on broadband or mobile.
Around midday, Spark conformed a DDoS attack was responsible for the logjam. "It's not an issue with the Spark network - it's because computers are sending out an enormous amount of traffic due to malicious overseas malware, that's been inadvertently installed on NZ computers by some Spark customers," a company spokesman said.
"A handful of our customers' computers have been infected with malware and that's generating very high volumes of traffic to overseas sites," Roberts elaborated. This traffic was slowing down web access for broadband and mobile Spark customers.
"Our engineers are continuing to work on cordoning off the malicious traffic," Spark said this evening. "Because our call centres are struggling to keep up with the volume, we're recommending people change their DNS (domain name system) settings to Google's...This should bring back most of your connectivity and web browsing."
That advice did not impress Chris Keane. "I am very capable of doing this, but I won't be... what a joke," he wrote on Facebook. "A handful of people have brought down New Zealand's biggest Telco, apparently. A handful is what... five?"
Spark's website has instructions to manually specify your DNS settings.
The company is also advising customers not to click any suspicious links and has said customers should keep their malware and anti-virus protection updated. For those with internet access, Spark has information on its website, Facebook page and Twitter feed.
Spark technicians had been working since last night to identify where the dodgy information requests came from in order to shut them down. But Roberts said even though the company employed "some of the best people in the world" the situation was "dynamic" and the dodgy information requests kept changing. "Once they've identified one, it shifts to another."
Roberts said it wasn't clear what motive was behind the attacks. "These kind of things aren't uncommon. They affect different networks around the world but this one for us is quite unusual."
Spark broadband customer Leonie Mullions was among those furious at today's internet outage.
Mullions said a Spark call centre operator told her a story different from what the company told media. "I spent 80 minutes on the phone this morning," Mullions said. "I was told by the operator at their tech desk that they were doing an upgrade of the network and I was in the affected area," she added. "It seems they are saying one thing to a paying customer and another to the [Herald on Sunday]...this is looking as murky as Dirty Politics."
Spark said it would have to trace the phone call and listen to a recording of it before it could accurately respond to Mullions' claim.
Mullions said she paid Spark about $150 every month, always paid her bills on time, and expected better. "...We have been unable to use our internet, that we pay a huge monthly amount for, since last night."
Spark has about 669,000 broadband internet customers. The company could not yet confirm how many of those people today's problems affected.
The company, formerly known as Telecom, was rebranded as Spark on August 8.
Tweets:
Some Twitter users said 4G services seemed to be working.
