What is the background to how three teenage boys built the malware `` Mirai '', which is said to be capable of executing a `` unprecedented level '' DDoS attack?
One type of malware,
The Strange Story of the Teens Behind the Mirai Botnet - IEEE Spectrum
https://spectrum.ieee.org/mirai-botnet
Born and raised in Funwood, New Jersey, Pallas Jar has been familiar with the field of
Mr. Jah, who was a first-year student at Rutgers University at the time, was dissatisfied with the system that allowed seniors to take popular classes preferentially. So, in November 2014, Mr. Jah launched a DDoS attack against Rutgers University's system and interfered with course registration. In March 2015, Mr. Jar also conducted a DDoS attack against Rutgers University again, creating a situation in which about 50,000 students and faculty members could not access the university's computers and networks for four days.
Mr. Jah claims that `` Rutgers University has introduced a low-quality provider like Incapsula as a countermeasure system against DDoS attacks, '' and is requesting to introduce the service of ProTraf Solutions, which he founded. . Since then, Mr. Jah has conducted DDoS attacks on Rutgers University multiple times.
After that, Mr. Jah, who was isolated in the university, dropped out of Rutgers University at the time of his sophomore year, and along with fellow hackers Josiah White, who was working on DDoS attack countermeasures at the time, and Mr. Dalton Norman, a prominent DDoS It created a conflict with the attack team 'VDoS'.
The DDoS attack team 'VDoS' is an organization made up of teenagers based in Israel, and operates a DDoS attack proxy service called '
In Jah's group, Mr. Norman finds software vulnerabilities, Mr. White builds botnet malware that exploits it, Mr. Jar develops software to manage the botnet, VDoS deepened their rivalry with
Meanwhile, VDoS has partnered with another DDoS attack group called Lizard Squad to form a new group called PoodleCorp. PoodleCorp has successfully built a huge botnet capable of hacking 1,300 vulnerable webcams and sending record traffic of 400 gigabits per second to targets.
With PoodleCorp's botnet attracting attention, Jah and his group finally completed a botnet malware called 'Mirai'. Mirai, named after the anime Mirai Nikki , is a malware that targets IoT devices such as vulnerable internet-connected video cameras and devices that support the outdated remote login system Telnet . infect. After that, 'Mirai' spread all over the world is operated remotely through the C & C server developed by Mr. Jah and performs DDoS attacks. Additionally, Mirai-infected devices continue to scan for other vulnerable devices even when they are not attacking their targets, increasing the number of infected devices.
Mirai spread rapidly after its release, infecting about 65,000 devices in the first 20 hours after its release, and then doubling in size every 76 minutes thereafter. I was. The number of devices that were eventually infected is said to have reached about 500,000.
Following the expansion of DDoS attacks by Jah's group and PoodleCorp,
Mr. Jar's group, who has no opposing groups, skillfully escapes the investigation by the FBI, and at the same time, in late September 2016, almost all the source code of 'Mirai' was released on the forum where hackers gather. By publishing the source code of malware online, if you are arrested by the FBI, etc., you can escape that you downloaded it from the Internet, so it is not uncommon to publish it as an open source.
After Jah and his colleagues released the source code online, Mirai began to be used for DDoS attacks by hackers. The provider Dyn was attacked. A massive DDoS attack against Dyn resulted in intermittent outages for its customers, including Twitter and the Playstation Network.
In 2017, an FBI investigation was conducted, and as a result, Mr. Jar and his group were arrested. However, Jah and three others have pleaded guilty, expressed remorse, and were asked to serve 10 years in prison for helping investigate more than a dozen cases at the request of law enforcement agencies. He was sentenced to five years of probationary supervision instead of a prison sentence.
It turns out that a hacker arrested for creating a malware 'Mirai' that caused a 'unprecedented level' DDoS attack was cooperating with the FBI-GIGAZINE
In addition, the three have been ordered to provide a total of 2,500 hours of social service, including compensation of $ 127,000 (about 17 million yen) and cooperation with the FBI. After that, Mr. Jah and his colleagues hunted down criminals using 'Mirai' that they released, contributed to law enforcement activities, and contributed to the prevention of DDoS attacks.
Related Posts:
in Security, Posted by log1r_ut