Mirai co-creators plead guilty to building devastating botnet

14 Dec 2017

The Mirai botnet wreaked havoc on the internet in late 2016.

Last year, the botnet known as Mirai recruited unsecured IoT devices, marshalling them into a thousands-strong DDoS attack that led to internet outages for many users, who were unable to access sites such as Amazon, Reddit and Netflix.

Mirai was also later used to expose flaws in millions of routers, preventing homes and business premises from going online.

Guilty of DDoS attack

The BBC reported that three men have pleaded guilty to creating the botnet.

Paras Jha admitted to collaborating with others to infect more than 300,000 devices in order to carry out a gigantic DDoS attack, and he has yet to be sentenced.

Josiah White and Dalton Norman have also agreed to plead guilty to using the Mirai botnet for criminal gain.

The name of the botnet comes from a Japanese manga series called Mirai Nikki – the individuals involved were apparently fans of the show.

Ties to online game Minecraft

Security researcher Brian Krebs said that Jha and White previously ran a firm that marketed itself as an aid in the mitigation of DDoS attacks. Krebs also found that the botnet was often used to target gaming servers, particularly those tied to Minecraft.

Prosecutors in the case said they did not believe the attack that affected millions of users was the direct responsibility of the three men, as Jha had already shared the code for Mirai with online criminal forums. Documents said Jha shared the code in an effort to create plausible deniability if his machines were seized by authorities.

Both Jha and Norman pleaded guilty to a separate conspiracy charge for using another botnet for a click-fraud scheme, falsely generating advertising revenue to make it look like a user had clicked on a real ad.

Jha also pleaded guilty to a computer fraud charge in a New Jersey court on 13 December, for allegedly carrying out attacks from 2014 to 2016 that paralysed the networks of Rutgers University, where he was previously a student.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects
