Back in October 2016, the world was shocked when leading companies such as Twitter, Paypal, and Spotify, all at the same time, experienced distributed denial-of-service, or DDoS, attacks. The investigation concluded that the masterminds behind those attacks used a botnet called Mirai to initiate DDoS attacks on devices.
Today, the hackers behind this massive cybercrime appealed to the court to admit the development and use of the Mirai botnet for personal gain. Paras Jha, a former Rutgers University student, together with two accomplices named Josiah White and Dalton Norman, admitted the writing and development of Mirai.
The court documents released details that Jha, White, and Norman used the Mirai botnet for financial gain, lending the technology to criminals that will make use of its hacking capabilities. Furthermore, it allows attackers to initiate DDoS to business competitors, or to whoever they hold grudges with, says the prosecutors of the case.
Jha also admitted to the court he tried to conceal all evidence regarding Mirai by eradicating the virtual machine which housed the botnet. Further, he admitted posting the codes online to remove accountability and gain plausible deniability regarding the case.
Back in January, Jha’s name surfaced via Krebs on Security as the source of the DDoS attacks. The website tagged him as the man behind the username “Anna-senpai” who posted the codes of Mirai online and is the author of the famous Mirai worm. Though, the known intention back then was to allow other hackers to make use of the code to their advantage.
— Chris Bing (@Bing_Chris) December 13, 2017
The prosecutors also detailed White and Norman’s participation in the Mirai case. In August 2016, White developed a scanner that allowed botnets to distinguish devices and send a series of login credentials in order to overload the servers. Norman, on the other hand, worked alongside Jha and White to expand the size of the Mirai code affecting more than 300,000 devices.
The Mirai botnet uses infected internet-connected devices, turning them into a digital army of bots that are used to knock out internet infrastructure. Dyn, an internet backbone, came across disruptive access to dozens of websites in the United States and Europe.
As per the case, the party is now charged with intentional damage on protected computers alongside other offenses. U.S. officials will hold a press conference to discuss the matter further.