A hacker who conspired with several cybercriminals in 2016 to launch a powerful DDoS attack on the Sony PlayStation Network gaming platform that resulted in a number of websites going offline has admitted his crimes in a US court.
The hacker was a teenager when the DDoS attack was launched using a variant of the powerful Mirai botnet to take the PlayStation platform offline. Mirai first appeared in 2016 as the first true botnet that could seriously exploit vulnerabilities in millions of IoT devices in use around the world to either take control of industrial networks or steal the credentials of millions of IoT device owners.
Equipped with a dictionary of username and password combinations, the Mirai botnet scanned IP addresses for open ports on IoT devices, infected millions of such devices, and then used them in coordinated Distributed Denial of Service (DDoS) attacks against websites worldwide.
Mirai’s success encouraged hackers to develop more varieties of botnets, and by October 2017 botnet-directed malware attacks on IoT devices affected 49% of healthcare organizations, 82% of manufacturing companies, 76% of retailers, and 85% of state or state-owned Devices IoT technologies.
According to the US Department of Justice, this particular DDoS attack, which involved the use of a variant of Mirai, was launched in October 2016 with the aim of taking the Sony PlayStation Network gaming platform offline for a sustained period of time.
“The DDoS attacks targeted a domain name resolver, Dyn, Inc., based in New Hampshire, which resulted in websites, including those of Sony, Twitter, Amazon, PayPal, Tumblr, Netflix, and Southern New Hampshire University (SNHU), being either completely inaccessible or only temporarily accessible for several hours on that day.
“As a result of the individual’s DDoS attacks, Dyn, Sony, SNHU, and other companies and individuals suffered losses, including lost advertising revenue and cleanup costs. Sony estimated the resulting losses included net sales of approximately $2.7 million,” it said.
According to security firm Flashpoint, the DDoS attack, which targeted three Dyn data centers in the northeastern United States and affected the websites of PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify and RuneScape, was initiated by a group of “script kiddies,” hackers who attended online hacking forums and were unrelated to hacktivists, government actors, or social justice communities.
“Flashpoint has moderate confidence that the recent Mirai attacks are likely to be related to the English-speaking hacking forum community, particularly users and readers of the forum hackforums[.]net. The personalities involved in these communities are known to develop and use commercial DDoS tools called “booter” or “stresser”.
“The hackers offer these services online for a fee and essentially operate a “DDoS-for-hire” service. One of the few well-known personalities associated with Mirai malware and botnets is known for visiting these forums.
“A hacker operating under the name “Anna-Senpai” published the source code for Mirai at the beginning of October and is said to have operated the original Mirai botnet that was used in the attack on “Krebs on Security” and the hosting provider OVH was used month,” added the company.
While the identity of the hacker behind the 2016 DDoS attack on PlayStation was concealed because the person was a minor at the time of the crime, the Justice Department said the person and several others created a botnet that was a variant of the Mirai botnet to launch DDoS attacks. Almost all of these attacks were directed against gaming platforms and took place between approximately 2015 and November 2016.
This is not the first time that hackers who use the Mirai botnet or its variants with disastrous consequences for victims have faced vigorous legal action. In September 2018, the New Jersey District Court sentenced 22-year-old Paras Jha to six months of house arrest and ordered him to pay $8.6 million in damages for having used the dreaded Mirai botnet for cyberattacks against a variety of company websites.
In 2019, the British hacker Daniel Kaye was sentenced to 32 months in prison by Blackfriars Crown Court for launching a devastating DDoS attack on the Liberian cellular network Lonestar, which cost the company millions in revenue between October 2016 and February 2017.
Kaye developed a unique twist on the Mirai botnet called Mirai #14 and used the new botnet to search for thousands of Internet-connected Lonestar devices. After the botnet infiltrated the devices, Lonestar’s server crashed and the company’s revenue dropped from $84 million in October 2016 to just $17 million in February 2017.
The Alaska District Court also sentenced 22-year-old Kenneth Currin Schuchman of Vancouver, Washington, to thirteen months in prison for developing the Satori Distributed Denial-of-Service (DDoS) botnet, for carrying out DDoS attacks using those botnets, and for selling access to the botnets to paying customers to make money.
The Satori botnet, a variant of Mirai, infected more than 280,000 different IPs within twelve hours, and those IPs scanned ports 37215 and 52869. Unlike other flavors of Mirai, the Satori botnet had two embedded exploits associated with ports 37215 and 52869 to infect more devices.
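Because infected devices announce themselves by scanning those two ports, a defender can look for the same pattern leaving their own network. The following is an added example, not code from the article or from any of the parties it names: it flags internal hosts that send TCP SYNs to ports 37215 or 52869 on many distinct destinations within a short window. The log format, the thresholds and all function names are assumptions, and the sample records are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

SATORI_PORTS = {37215, 52869}    # the two ports named in the article
WINDOW = timedelta(seconds=60)   # assumed sliding window
MIN_TARGETS = 5                  # assumed: distinct destinations that count as a scan
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+) FLAGS=SYN$")

def parse(line):
    """Return (time, src, dst, port) for a TCP SYN record, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, port = m.groups()
    return datetime.fromisoformat(ts), src, dst, int(port)

def find_scanners(lines):
    """Map internal source IP -> ports it probed on >= MIN_TARGETS hosts within WINDOW."""
    events = defaultdict(list)  # src -> [(time, dst, port)]
    for rec in filter(None, map(parse, lines)):
        ts, src, dst, port = rec
        if port in SATORI_PORTS and ipaddress.ip_address(src).is_private:
            events[src].append((ts, dst, port))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > WINDOW:
                start += 1  # drop events that fell out of the window
            window = evs[start:end + 1]
            if len({dst for _, dst, _ in window}) >= MIN_TARGETS:
                flagged[src] = sorted({p for _, _, p in window})
                break
    return flagged

def sample_log():
    """Constructed records: one device sweeping many hosts, one host with a single hit."""
    t0 = datetime(2017, 12, 5, 10, 0, 0)
    rows = [(t0 + timedelta(seconds=i), "192.168.1.50", f"203.0.113.{i + 1}",
             37215 if i % 2 == 0 else 52869) for i in range(8)]
    rows.append((t0, "192.168.1.20", "198.51.100.9", 37215))
    rows.append((t0, "192.168.1.20", "198.51.100.9", 443))
    return [f"{t.isoformat()} SRC={s} DST={d} PROTO=TCP DPT={p} FLAGS=SYN" for t, s, d, p in rows]

if __name__ == "__main__":
    print(find_scanners(sample_log()))
```

A host flagged this way is a candidate for isolation and a firmware and credential review. A single connection to one of the ports, like the second host in the sample, stays below the threshold.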