Image credit: scyther5 / Getty Images

Krebs pinpoints the likely author of the Mirai botnet

The security researcher lays out substantial evidence and sources suggesting a Rutgers University student created it.

The Mirai botnet caused serious trouble last fall, first hijacking numerous IoT devices to launch a historically massive Distributed Denial-of-Service (DDoS) attack on KrebsOnSecurity's site in September before taking down a big chunk of the internet a month later. But who's responsible for making the malware? After his site went dark, security researcher Brian Krebs went on a mission to identify its creator, and he thinks he has the answer: Several sources and corroborating evidence point to Paras Jha, a Rutgers University student and owner of DDoS protection provider Protraf Solutions.

About a week after attacking the security site, the individual who supposedly launched the attack, going by the username Anna Senpai, released the source code for the Mirai botnet, which spurred other copycat assaults. But it also gave Krebs the first clue on his long road to uncovering Anna Senpai's real-life identity -- an investigation so exhaustive that Krebs made a glossary of cross-referenced names and terms along with an incomplete relational map.

The full story is admittedly lengthy, clocking in at over 8000 words, but worth the time to understand how botnet wranglers make money siccing their zombie device armies on unsuspecting targets. The sources that pointed Krebs to Anna Senpai's identity were involved in using botnets on behalf of shadowy clients, unleashing them on security companies protecting lucrative Minecraft servers that host thousands of players. When their online gaming is obstructed -- say, by repeated and annoying DDoS attacks -- players leave, giving servers an incentive to jump ship to whichever security provider can ensure protection... in this case, providers that arranged for the botnet attacks in the first place.

According to Krebs' source, his security site was looped into the botnet war after it revealed information in early September leading to the arrest of the two hackers behind the Israeli 'vDos' attack service. Anna Senpai was allegedly paid to unleash Mirai on the KrebsOnSecurity site by vengeful clients who'd used the now-defunct vDos, cementing the security firm's interest.
