Indian Origin Hacker Asked to Pay $8.6 M for Launching Cyberattack on University

An Indian origin man was ordered to pay $8.6 million in restitution and serve six months of home incarceration for launching a cyberattack on the Rutgers University computer network.

Paras Jha, 22 of New Jersey had earlier pleaded guilty to violating the Computer Fraud & Abuse Act. Along with Jha, two other men—Josiah White and Dalton Norman— were held responsible for creating “Mirai” and Clickfraud botnets that compromised thousands of devices across the U.S. and Europe.

According to reports, between Nov. 2014 and Sept. 2016, Jha executed a series of “Distributed Denial of Service” (DDOS) attacks on the networks of Rutgers University. The attack had effectively shut down the university’s central authentication server, which maintained, among other things, the gateway portal through which staff, faculty, and students delivered assignments and assessments. In numerous accounts, Jha also succeeded in taking the gateway portal offline for multiple consecutive periods, causing serious damage to the university, its faculty and students.

On Dec. 8, 2017, Jha, White, 21, of Washington, Pennsylvania, and Norman, 22, of Metairie, Louisiana, pleaded guilty to criminal informations in the District of Alaska charging them each with conspiracy to violate the Computer Fraud & Abuse Act in operating the Mirai Botnet.

According to FBI, the trio created Mirai botnet that took control of thousands of Internet of Things” (IoT) devices and caused many websites across the U.S. and Europe to go down in September 2016.

The defendants attempted to discover both known and previously undisclosed vulnerabilities that allowed them to surreptitiously attain administrative or high-level access to victim devices for forcing the devices to participate in the Mirai Botnet. At its peak, Mirai consisted of hundreds of thousands of compromised devices. The defendants used the botnet to conduct several other DDoS attacks. The trio’s involvement with the original Mirai variant ended in the fall of 2016 when Jha posted the source code for Mirai on a criminal forum. Since then, other criminal actors have used Mirai variants in a variety of other attacks, according to a court statement.

After cooperating with the FBI, Jha, White, and Norman were each sentenced to a five-year probation, 2,500 hours of community service, and were ordered to pay restitution of $127,000 on Sept. 18. They have voluntarily abandoned significant amounts of cryptocurrency seized during the course of the investigation, according to FBI.

The court statement also notes that Jha and Norman have also pleaded guilty to criminal informations with the District of Alaska charging each with conspiracy to violate the Computer Fraud & Abuse Act. From December 2016 to February 2017, the duo managed to infect as many as 100,000 primarily U.S.-based internet-connected computing devices, such as home internet routers, with malicious software. That malware caused the hijacked home internet routers and other devices to form a powerful botnet.

The defendants then used the compromised devices as a network of proxies through which they routed Internet traffic. The victim devices were used primarily in advertising fraud, including “clickfraud,” a type of internet-based scheme that utilizes “clicks,” or the accessing of URLs and similar web content, for the purpose of artificially generating revenue.

U.S. District Judge Michael Shipp sentenced Jha at Trenton federal court On Oct. 26. He also sentenced Jha to five years of supervised release and ordered him to perform 2,500 hours of community service.

Along with the previous sentences, the trio will also have to cooperate with the FBI on cybercrime and cybersecurity matters, as well as give continued assistance to law enforcement and the broader research community, an earlier court statement noted.

“Cybercrime is a worldwide epidemic that reaches many Alaskans,” U.S. Attorney Bryan Schroder was quoted as saying in the statement.  “The perpetrators count on being technologically one step ahead of law enforcement officials.”