Possible Culprit Responsible for Last Year’s Historic DDoS Cyber Attacks Revealed

The alleged perpetrator has a history of committing cyber attacks.

Last fall, a distributed denial-of-service (DDoS) attack knocked websites offline nationwide in what was the largest DDoS attack in history.

Now, a prominent cybersecurity reporter is claiming to have exposed its creator.

Brian Krebs, who runs a popular internet security blog, published the results of a lengthy investigation he conducted into the Mirai botnet on Wednesday.

The Mirai botnet has been responsible for the largest DDoS cyber attacks ever seen, using thousands of hacked IoT devices to overwhelm websites by flooding them with data.

Someone using the name Anna Senpai online recently released the source code for Mirai, making large-scale copycat DDoS attacks much more likely.

Krebs’ investigation, which began after his own website was taken down in Mirai’s debut, links Rutgers University student Paras Jha to Anna Senpai and the Mirai attacks.

Krebs’ website, krebsonsecurity.com, was forced offline for nearly four days and lost cloud service provider Akamai in September after Mirai crashed the site with 620 gigabits of data per second, which was more than double the previous DDoS record at the time, reports New York Magazine.

Later, Mirai attacked a French web-hosting company with one terabit of data per second, which is still the record for the largest DDoS attack in history. Interest in the cyber attacks rose further when Director of National Intelligence James Clapper went on record saying the person responsible for Mirai was likely a non-state actor.

Krebs took Anna Senpai’s attack on his site personally and says he spent hundreds of hours uncovering who was responsible. The result is an 8,000-word post that links the student with a series of massive DDoS attacks.

“The first clue to Anna Senpai’s identity didn’t become clear until I understood that Mirai was just the latest incarnation of an IoT botnet family that has been in development and relatively broad use for nearly three years,” Krebs wrote.

The origins of Mirai can be seen in a series of cyber attacks on Minecraft servers that people use to make money off of the game, and it was later used in several DDoS attacks that crippled Rutgers’ network in the fall of 2015.

In those attacks, the hacker refused to stop paralyzing the university’s network until the university hired a DDoS protection service. Jha is the president of DDoS mitigation service ProTraf.

Krebs also used a series of Anna Senpai’s posts in hacker threads to show the resemblance between the skills of the DDoS hacker and Jha. Additionally, Krebs says one of Jha’s former coworkers admitted to him that Jha bragged about being responsible for the Rutgers attacks in his dorm room in October 2015.

“He was laughing and bragging about how he was going to get a security guy at the school fired, and how [Rutgers] raised school fees because of him,” Jha’s former coworker Ammar Zuberi told Krebs. “He didn’t really say why he did it, but I think he was just sort of experimenting with how far he could go with these attacks.”

Rutgers, the FBI and the Department of Homeland Security, who have been investigating the origins of Mirai and may have already questioned Jha, have not commented on the allegations yet. Jha has also not responded.
