Three men to plead guilty to crimes tied to 2016 botnet attacks

This post was originally published on this site

(Reuters) – A former Rutgers University student and two other men have agreed to plead guilty to computer crimes related to the creation and use of the Mirai botnet, a network of infected electronics equipment used to knock major websites offline in massive 2016 cyber attacks, according to court documents.

Paras Jha has agreed to admit to writing code that allowed him to control devices infected with Mirai, charging papers unsealed on Tuesday in Alaska showed. Two other individuals, Josiah White and Dalton Norman, also agreed to plead guilty to charges related to the development and use of Mirai for criminal gain.

The Mirai botnet was used to infect hundreds of thousands of internet-connected devices including webcams and video records, which its creators then turned into a digital army of bots that attacked websites and internet infrastructure in “denial of service” attacks that knocked them offline.

Those attacks included one in October 2016 on an internet infrastructure firm known as Dyn that disrupted access to dozens of websites across the United States and Europe including ones run by Twitter Inc, PayPal Holdings Inc and Spotify. The court records do not accuse Jha or the others of carrying out that specific attack.

Jha began to create the Mirai botnet in August 2016 to launch powerful denial of service attacks targeting business competitors and others against whom the attackers “held grudges,” prosecutors said in court documents.

He and his co-conspirators also sought financial gain, renting the botnet out to other criminals. Jha attempted to destroy or conceal evidence of his crimes by erasing the virtual machine used to run Mirai and posting the code online to create “plausible deniability,” prosecutors said.

Jha has been charged with conspiring to cause intentional damage on a protected computer and other offenses.

In August 2016 White created the scanner that was part of the Mirai code, which helped the botnet identify devices that could be accessed through a series of login credentials in order to infect it, charging documents said.

In September 2016, Norman worked with his accomplices to expand the size of Mirai, allowing it to grow to infect more than 300,000 devices, prosecutors said.

Robert Stahl, Jha’s attorney, said his client had been released pending sentencing and has not been a student at New Jersey’s Rutgers University since December 2016. Stahl declined to comment further pending sentencing proceedings.

Rutgers did not immediately respond to a request for comment. Attorneys for White and Norman did not immediately respond to requests for comment.

Jha’s name surfaced in January, when the cyber website Krebs On Security reported that he may have been behind the online persona Anna-Senpai, who claimed to be the original author of the Mirai worm.

Anna-Senpai released the source code of the Mirai botnet online in September 2016, which gave other hackers the opportunity to use it. A month later the massive assault on infrastructure firm Dyn took place, causing swaths of the internet to be temporarily unavailable.

U.S. officials were scheduled to speak to reporters later on Wednesday to discuss the cases. Jha was expected to appear in court in New Jersey on Tuesday.