Late last year, a massive distributed denial of service (DDoS) against Dyn, a company that controls much of the internet\u2019s domain name system (DNS) infrastructure, caused disruption to online services worldwide.<\/p>\n
With millions of users unable to access major websites such as PayPal, Reddit and Twitter, this attack was likely the largest of its kind. Dyn\u00a0reported\u00a0<\/a>that the attack was orchestrated using the Mirai Botnet and estimated that up to 100,000 malicious endpoints were involved.<\/p>\n A US-based man has pleaded guilty to creating the giant botnet that was used to disrupt access to much of the web in October 2016.<\/p>\n The Mirai malware also caused havoc later last year when it was used to stop people’s internet routers working.<\/p>\n Paras Jha has admitted working with others to infect more than 300,000 devices and using them to carry out distributed denial of service (DDoS) attacks and other criminal activity.<\/p>\n He has yet to be sentenced.<\/p>\n Two other people – Josiah White and Dalton Norman – have also agreed to plead guilty to using the botnet for criminal gain.<\/p>\n The details were revealed in documents filed in May but which have only now been unsealed by an Alaskan court.<\/p>\n Security blogger Brian Krebs has\u00a0published additional information stating<\/a>\u00a0that Jha is 21 years old and from New Jersey, while White is 20 years old and from Washington, Pennsylvania. The two used to run a company that marketed itself as a means to mitigate incoming DDoS attacks.<\/p>\n According to the plea agreement, Jha admitted writing Mirai’s code in or about July 2016, before working with others to use it to flood targets against whom he had a grudge with internet traffic.<\/p>\n The papers say he has also acknowledged renting the botnet to others for a fee, as well as using it to extort money from internet hosts and others by demanding payment to halt attacks.<\/p>\n White has admitted adding scanning functionality to the code in August, allowing the malware to identify further vulnerable devices to infect.<\/p>\n And in September, New Orleans-based Norman expanded the size of Mirai to more than 300,000 devices by helping the other two men take advantage of vulnerabilities they had not been aware of.<\/p>\n In September or October, the documents say, Jha posted Mirai’s code online in an effort to create plausible deniability if his equipment was seized by the police.<\/p>\n The botnet then grew further and was subsequently used against Dyn – a company that effectively provides the internet’s address books, making it possible for users to type in a website address and be connected to the computer servers holding the content they want.<\/p>\n The result was that, for a time, many sites – including Reddit, Twitter, Amazon, Netflix and the BBC – became inaccessible to many visitors.<\/p>\n The three men have not been accused of carrying out this attack themselves.<\/p>\n Over the following months the malware was also used to expose a flaw present in millions of routers, preventing homes and businesses from connecting to the net.<\/p>\n “Mirai will be seen in future as the first major botnet that used the growing army of the internet of things [IoT],” commented Prof Alan Woodward, a cyber-security expert at Surrey University.<\/p>\n “It demonstrated just how vulnerable many of the cheap, internet-connected devices were to hackers who wanted to co-opt them to conduct massive attacks.<\/p>\n “Derivatives of Mirai live on today, with new IoT devices often targeted to see if a new variant of the botnet can be recreated, presumably to cause an equal amount of disruption.”<\/p>\n Under the terms of the plea, Jha faces up to 10 years in jail.<\/p>\n That includes time\u00a0for separate attacks<\/a>\u00a0he carried out against Rutgers University’s internet network, which he has also admitted, as detailed by the New Jersey Ledger newspaper.<\/p>\n Norman and White both face up to five years in prison.<\/p>\n Source: bbc.co.uk<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"