Mirai botnet creators avoid prison time by assisting FBI as part of their sentencing
Remember the three young hackers who were sentenced in December last year for creating and spreading Mirai botnet that took over about 500,000 IoT devices and caused a DDoS attack?
The U.S. Department of Justice (DOJ) on Tuesday sentenced all the three men, Paras Jha, Josiah White, and Dalton Norman, all aged in their 20s, to just five years of probation—no prison time. The decision was announced after U.S. prosecutors said that the three men had provided “extensive” and “exceptional” assistance to the U.S. Federal Bureau of Investigation (FBI) in several cybersecurity matters.
The trio will also have to serve 2500 hours of community service and need to pay US$127,000 (A$175,000) in restitution each. Additionally, the trio voluntarily surrendered significant amounts of cryptocurrency seized during the investigation into their activities, the DOJ said.
“By working with the FBI, the defendants assisted in thwarting potentially devastating cyber attacks and developed concrete strategies for mitigating new attack methods,” US attorneys said in a motion filed Sept. 11. “The information provided by the defendants has been used by members of the cybersecurity community to safeguard US systems and the Internet as a whole.”
For those unaware, Jha, White and Norman had created Mirai botnet originally to take down rival Minecraft servers with distributed denial-of-service attacks (DDoS). The trio used the botnet for their own criminal activities and leased it to others. But after noticing its strength, Mirai was released into the wild on a hacker forum, the DoJ said. Since then, other criminal actors have used Mirai variants in a variety of other attacks.
As a result, the Mirai botnet was used in a massive cyberattack in October 2016 against DNS service Dyn, an internet company that directs traffic on the web, which interrupted access to dozens of websites across the United States and Europe including ones run by Twitter, PayPal Holdings, and Spotify.
The three also admitted to having developed a second piece of malware that attacked IoT devices such as wireless cameras, routers, and digital video recorders and joined them into a botnet. That botnet compromised over 100,000 devices in the U.S., and was used by the trio primarily in advertising fraud, including “clickfraud,” a type of Internet-based scheme that makes it appear that a real user has “clicked” on an advertisement for the purpose of artificially generating revenue.
“Cybercrime is a worldwide epidemic that reaches many Alaskans,” said U.S. Attorney Bryan Schroder. “The perpetrators count on being technologically one step ahead of law enforcement officials. The plea agreement with the young offenders, in this case, was a unique opportunity for law enforcement officers, and will give FBI investigators the knowledge and tools they need to stay ahead of cybercriminals around the world.”
“The sentences announced today would not have been possible without the cooperation of our partners in international law enforcement and the private sector,” said Special Agent in Charge of FBI’s Anchorage Field Office, Jeffery Peterson.
“The FBI is committed to strengthening those relationships and finding innovative ways to counter cybercrime. Cybercriminals often develop their technical skills at a young age. This case demonstrates our commitment to hold criminals accountable while encouraging offenders to choose a different path to apply their skills.”
Jha, White, and Norman who were behind the Mirai botnet had pleaded guilty last December and were able to stay out of jail by co-operating with the FBI on cybercrime and security matters.
The court’s documents state that the trio has cooperated with the FBI for more than a year and that they will continue to work with the FBI on cybercrime and cybersecurity matters.