A Surrey man has been jailed for 32 months after admitting to launching distributed denial-of-service (DDoS) attacks against an African telco.
Daniel Kaye, 30, of Egham, told the Blackfriars Crown Court that back in 2016 he took a monthly salary from Liberian company Cellcom to carry out a sustained DDoS against their rival telco Lonestar. According to the National Crime Agency, at its peak Kaye's attack was so heavy that it disabled internet access for most of the country.
Living in Cyprus at the time, Kaye built himself a Mirai botnet pieced together using hijacked Dahua security cameras and infected devices "rented" from other hackers. He then accepted the monthly retainer from Cellcom and proceeded to run the attack in the latter half of 2016.
When the attacks finally subsided, Lonestar said it suffered tens of millions of dollars in lost business and had to directly pay $600,000 to fully ameliorate the effects of the DDoS attack.
That botnet, referred to as "#14" by researchers, was among the largest on the internet, and at one point was said to have accounted for more than half of all Mirai infections on the planet.
Cops: German suspect, 20, 'confessed' to mass hack of local politiciansREAD MORE
Kaye was arrested in February of 2017 and pled guilty last month to counts of creating and using a botnet and possessing criminal property. Between that, he also got a free trip to Germany where he was tried for a separate 2016 DDoS on Deutsche Telekom (he would get a suspended sentence for that one.) Kaye was also said to be tied to DDoS attacks against Lloyd's, Barclays, and Halifax banks in the UK.
Though much of the Mirai #14 botnet Kaye used was said to have been machines rented from other hackers, prosecutors described the 30-year-old as a "highly skilled and capable hacker-for-hire" in announcing the two years and eight months prison term this month.
"Kaye was a talented and sophisticated cyber criminal who created one of the world's largest networks of compromised computers which he then made available to other cyber criminals with no consideration as to the damage it would cause," said Russell Tyner from the UK Crown Prosecution Service (CPS).
"The CPS and the NCA together with the authorities in Germany and Cyprus worked closely together in order to bring him to justice." ®