Krebs Security believes it's found Mirai's creator

(Image Credit: iStockPhoto/tonefotografia)

Mirai wreaked havoc over the past year as it hijacked thousands of unsecured IoT devices to carry out DDoS attacks on an unprecedented scale. One record-breaking Mirai attack was on KrebsOnSecurity's website, and now the site's leading security researcher believes he's found the botnet's creator.

Brian Krebs was determined to find Mirai's creator after his site was taken offline. The following month, several of the internet's largest services also faced significant disruption including Twitter, Spotify, and PlayStation Network. 

The week after the initial attack on KrebsOnSecurity, the supposed perpetrator – under the pseudonym Anna Senpai – released the botnet's source code. This provided the first step for Krebs, and some exhaustive investigation work led to a huge list of cross-referenced names and terms which helped in building an incomplete relational map of various connections. 

Krebs' full account of his investigation is over 8000 words and goes into extensive detail; you can read it here if you've got plenty of spare time.

For a shortened account, Krebs spoke to sources who build and use botnets for shady clients, who often want to drive people into using their protective services. It's almost like a digital protection racket, except without the individuals being aware they're paying those who are doing the damage in the first place. Often the targets are Minecraft servers with thousands of players, who are disrupted by DDoS attacks and then move to whichever security service is offering protection.

The sources revealed KrebsOnSecurity became a target after providing information in September about hackers behind the 'vDos' attack service, which led to the arrest of two individuals. The user known as 'Anna Senpai' was paid to build and unleash Mirai on KrebsOnSecurity by vengeful ex-clients of vDos.

All of Krebs' sources and evidence pointed towards Paras Jha, a Rutgers University student and owner of DDoS protection provider Protraf Solutions. 

What are your thoughts about Brian Krebs' investigation? Let us know in the comments.
