Indian American, 2 Others Plead Guilty for Mirai Malware Attack of 2016

One Indian American man and two others pleaded guilty on Dec. 13 to creating a “botnet” known as Mirai that paralyzed parts of the internet in 2016. The malware overloaded domain registration service provider Dyn with malicious traffic requests using more than 100,000 devices.

Paras Jha, 21, Josiah White, 20, and Dalton Norman, 21, admitted to one count of conspiracy in plea agreements. The three men used routers, webcams, and other devices infected with malware that they controlled to create a “denial of service” attack.

It had affected Twitter, Reddit, Amazon, Netflix and the BBC in October 2016, making it inaccessible to users. However, prosecutors said that they don’t believe that the attack on the giant tech firms was carried out by the three men. Jha had posted the code for Mirai, which gets its name from the Japanese anime Mirai Nikki, to online criminal forums.

“The co-conspirators were all just a fan of that particular anime,” Bill Walton, a special agent who oversees the Anchorage FBI’s Cyber Crime unit, said, India West reported.

Under their guilty pleas, Jha agreed to give up 13 bitcoin, which is currently valued at $225,000. White agreed to give up 33 bitcoin, which is worth more than $500,000.

Jha and Norman also pleaded guilty to a different conspiracy charge, in which they used a botnet for a “click fraud” scheme.

Jha had written the code in or around July. His attorney, Robert Stahl, was quoted as saying by India West that Jha “is a brilliant young man whose intellect far exceeded his emotional maturity” and that he is “extremely remorseful and accepts responsibility for his actions.” He added that pleas “are the first step in his evolution into adulthood and responsibility.”

A cybersecurity journalist, Brian Krebs, had in January accused Jha and White as likely suspects for the Mirai botnet onslaught that had eventually led to malware attack on 400,000 devices.

“Mirai will be seen in future as the first major botnet that used the growing army of the internet of things [IoT],” Prof Alan Woodward, a cyber-security expert at Surrey University, told BBC. “It demonstrated just how vulnerable many of the cheap, internet-connected devices were to hackers who wanted to co-opt them to conduct massive attacks.

“Derivatives of Mirai live on today, with new IoT devices often targeted to see if a new variant of the botnet can be recreated, presumably to cause an equal amount of disruption.”

Jha can face up to 10 years in jail. Norman and White can face up to five years in jail.