The Mirai attacks on large websites such as KerbsOnSecurity, Twitter and Netflix in the month of September 2016 took the digital world by storm. As we had discussed the details in one of our earlier articles( https://www.psychz.net/client/blog/en/mirai-ddos-attacks-then-and-now.html ), the attacks on KerbsOnSecurity went up to 624 Gbps. It was estimated that the bots used in these attacks were IOT devices which estimated to a number of around 300-400k.
A new piece of information has come to light in the case of the Mirai attacks. Three men Paras Jha, Josiah White and Dalton Norman pleaded guilty on the account of two charges. One of them is the attack that took place on KerbsOnSecurity on September 20th of last year large websites including Twitter and Netflix in the succeeding month.
Jha and White were the co-founders of Protraf Solutions LLC. This company worked in the field of DDoS mitigation. The accused used to target companies for DDoS attacks and extort money from them.
In the month of September last year, the first large-scale Mirai attacks were perpetrated on KerbsOnSecurity. This attack followed a series of Mirai attacks on reputed companies such as Twitter, Netflix and Paypal. The attacks peaked at 600k bots whereas the attacks were most stable at 300-400k. The main motive behind the attacks was to extort money from these companies.
In the month of November, Jha and his accomplices released the source code for the Mirai malware on the internet for all the viewers to access. There was another attack in the month of November on an Internet company called DYN. However, the accused have stated that they did not have any hand on this attack as the Mirai malware was released and could have been used by anyone.
CLICK FRAUD BOTNET
The main accused, Paras Jha, a 21-year-old boy and Rutgers University student, along with Josiah White and Dalton Norman also pleaded guilty to another scam known as CLICK FRAUD BOTNET. Under this scam, the accused were able to obtain large sums of advertising revenue on the basis of views on a website. The accused used bots to visit a website multiple times which seemed as if genuine people were visiting the site. Hence, they obtained the revenue from advertisements due to the huge number of visits.
It is speculated that the accused amassed an amount of 180,000 dollars from this scam.
It was KerbsOnSecurity that identified these attackers in the month of January 2017 as the co-authors of Mirai malware. The co-authors of Mirai used the nickname "Anna Senpai" on the virtual platform and released the source code at the end of September.
Under the laws, the accused are facing a 5-year jail sentence and 250,000 dollars fine.
Mirai DDoS protection by Psychz
During last year, we faced a similar situation when a Mirai attack of 400 Gbps was incident on one of our customers. We were able to halt the DDoS attack which lasted 4-5 days. Please visit the following link and read the article on the entire case.