Three men plead guilty to Mirai IoT botnet attack

By on
Three men plead guilty to Mirai IoT botnet attack

Three individuals have pleaded guilty to orchestrating and deploying the massive Mirai IoT attack in 2016, the US Department of Justice announced on Wednesday.

The three US-based individuals, Paras Jha, Josiah White and Dalton Norman, pleaded guilty to roles in the botnet attack, which was orchestrated as a distributed denial of service attack through 300,000 vulnerable internet of things devices like webcams, routers and video recorders.

"In the summer and fall of 2016, White, Jha, and Norman created a powerful botnet – a collection of computers infected with malicious software and controlled as a group without the knowledge or permission of the computers' owners," according to the Justice Department.

The attack, which occurred in October 2016, overwhelmed servers at Dynamic Network Services (Dyn) and led to the blockage of more than 1200 websites, including Netflix and Twitter.

The three individuals were each charged with conspiracy to violate the Computer Fraud and Abuse Act in operating the Mirai Botnet.

Meanwhile, the US Justice Department also alleged that between December 2016 to February 2017, Jha and Norman successfully infected over 100,000 US-based computing devices, such as home internet routers, with malicious software. 

These devices were used primarily in advertising fraud, including "click fraud," which is an Internet-based scheme that makes it appear that a real user has clicked on an advertisement to generate revenue artificially.

According to well-known independent computer security journalist Brian Krebs, Jha and White were also co-founders of DDoS mitigation company Protraf Solutions. The two would target companies with DDoS attacks and try to sell those companies services to mitigate the attacks, according to Krebs.

The Justice Department said that the three men's involvement with the original Mirai variant ended in the fall of 2016 when Jha posted the source code for Mirai on a criminal forum. Since then, other criminal actors have used Mirai variants in a variety of other attacks.

IoT security is a big concern for customers moving into 2018 – according to information service provider Neustar, the frequency of DDoS attacks increased in 2016 due in part to IoT botnets. The company said it mitigated 40 percent more DDoS attacks from January through November compared with the same span last year.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?