A New Jersey man has pled guilty to hacking charges and creating the devastating Mirai botnet, which spread via vulnerabilities in Internet-connected devices to unleash numerous massive distributed-denial-of-service attacks. As recently as last week, new Mirai strains continued to proliferate online.
As Ars reported in October 2016, the most serious DDoS degraded or completely took down Twitter, GitHub, the PlayStation network, and hundreds of other sites by targeting Dyn, a service that provided domain name services to the affected sites.
Paras Jha admitted to being behind Mirai, according to court documents that were unsealed on Tuesday. The Rutgers University computer science student was originally publicly identified as a likely suspect in January 2017 by Brian Krebs, a well-known independent computer security journalist.
Later that month, Jha’s father, Anand Jha, told NJ Advance Media that his son had no connection whatsoever to the attack. “I know what he is capable of,” Anand Jha said at the time, noting that the FBI had already been in touch with the family, including his son. “Nothing of the sort of what has been described here has happened.”
The plea agreement also noted that around “September and October 2017,” Paras Jha “securely erased the virtual machine used to run Mirai on his device. Jha posted the Mirai code online in order to create plausible deniability if law enforcement found the code on computers controlled by Jha or his co-conspirators.”
Jha could face up to five years in prison but will likely end up serving far less as a result of his cooperation with the government.
In a Wednesday morning tweet, Krebs indicated that federal authorities also caught two additional co-conspirators.
Actually, looks like they caught 3, two of which were named in my January 2017 reporting. https://t.co/PxRxULQOus new story coming soon.
— briankrebs (@briankrebs) December 13, 2017