Monday, 23 July 2018
Latest news
Main » USA says hacker to plead guilty for role in 2016 cyber attacks

USA says hacker to plead guilty for role in 2016 cyber attacks

14 December 2017

Dynamic domain name service provider Dyn was one of the targets of the Mirai botnet DDoS attacks in October a year ago, preventing a significant number of users from accessing websites and online services. The court document notes that one feature of Mirai was the ability to conduct attacks against entire ranges of IP addresses.

The plea agreement also reveals that in August 2016, Mirai was used to attack an un-named US company.

The Mirai botnet infected Internet-connected devices with malicious software to launch a series of attacks on websites.

"Like firemen getting paid to put out the fires they started, Jha and White would target organizations with DDoS attacks and then either extort them for money to call off the attacks, or try to sell those companies services they claimed could uniquely help fend off the attacks", Krebs wrote. On Tuesday, the documents were unsealed. "JHA posted the Mirai code online, in order to create plausible deniability if law enforcement found the code on computers controlled by JHA or his co-conspirators". Jha and his co-conspirators also designed the malware to rapidly spread by exploiting previously unknown vulnerabilities in IoT devices.

More news: A Chico family prepares for the first night of Hanukkah

The plea agreement with Jha provides insight into the operations of Mirai.

"This feature, in conjunction with the very large size of the Mirai botnet, rendered useless many methods that are used to mitigate DDOS attacks", the plea agreement states.

From September to October 2016, Jha made Mirai's source code public on forums for cybercriminals, allowing anyone to use it, using names like "ogmemes" and "Anna Senpai".

Jha and his co-conspirators also created a second botnet designed to engage in clickfraud.

More news: LaMelo, LiAngelo Ball sign with Lithuanian pro team

While Mirai infected IoT devices around the world, Jha set up the technical infrastructure for it on a virtual machine that he ran on his own computer at his home in New Jersey. Because the victim activity resembled legitimate views of these websites, the activity generated fraudulent profits through the sites hosting the advertising content, at the expense of online advertising companies.

The scheme netted Jha and his crew almost 100 bitcoin on January 29, which was valued at $180,000 at the time.

The click fraud charges come with a sentence of up to five years in prison and a fine equal to $250,000 or twice the gain or loss of the offense.

The three individuals were each charged with conspiracy to violate the Computer Fraud and Abuse Act in operating the Mirai Botnet. U.S. authorities are urging the public to keep their IoT devices secure by installing the latest security patches to prevent malware-related botnets from infecting them.

More news: Kylie Jenner is slammed for new Kylie Cosmetics product

USA says hacker to plead guilty for role in 2016 cyber attacks