Operator of DDoS protection service named as Mirai author
Krebs says he's fingered author of epic IoT web assault code
The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs.
On his website this week, Krebs names a chap called Paras Jha, owner of distributed denial-of-service (DDoS) attack mitigation company ProTraf Solutions, as the person behind the creation and dissemination of the Mirai software nasty.
Mirai is one of the worst DDoS botnets ever to grace the internet and is fingered for downing large chunks of the internet, including record-breaking attacks on Krebs' own site.
Previous analyses have suggested the malware was penned by a person named "Anna-Senpai".
Krebs builds a case to link Anna-Senpai to Jha and says that he, along with other players, built the Mirai code and used it to attack Minecraft servers to lure disgruntled customers.
He tells of how Jha contacted upstream providers to have command and control servers of rival IoT firms shut down, and how the hacker built malcode into his botnet that eliminated rival Qbot botnets.
Those upstream providers that ignored Jha's requests were also subject to large DDoS attacks.
Mirai evolved from earlier incarnations of botnet code designed for DDoS attacks. In 2014 an earlier variant was used to launch DDoS attacks against Minecraft servers, which can generate up to US$50,000 a month.
Krebs found that Jha lists the same skills on his LinkedIn page as on HackForums, a large marketplace where low-level grey hat activities, cybercrime, and bragging take place.
He details many other compelling links between the older identities Jha used online while learning to code, including 'OG_Richard_Stallman', and his recent aliases, including Anna-Senpai. ®