Indian-Origin Man Among Three Sentenced for Cybercrime in U.S.

Paras Jha, Josiah White and Dalton Norman were held responsible for creating “Mirai” and Clickfraud botnets that compromised thousands of devices across the United States and Europe.


Three people, including an Indian-origin man, were  sentenced for their roles in creating and operating two botnets that targeted Internet of Things (IoT) devices and brought down thousands of computers two years ago in the United States and Europe.

After an extensive investigation, the Federal Bureau of Investigation (FBI) found Paras Jha, 22, of Fanwood, New Jersey; Josiah White, 21, of Washington, Pennsylvania; and Dalton Norman, 22, of Metairie, Louisiana, guilty of staging cybercrime. The three were sentenced by Chief U.S. District Judge Timothy M. Burgess on Sept. 18.

The FBI said the trio created Mirai botnet that took control of thousands of IoT devices and caused many websites across the United States and Europe to go down in September 2016. After cooperating with the FBI, Jha, White, and Norman were each sentenced to a five-year probation, 2,500 hours of community service, and were ordered to pay restitution of $127,000. They have voluntarily abandoned significant amounts of cryptocurrency seized during the course of the investigation, according to a statement by the FBI.

As part of their sentences, they will have to cooperate with the FBI on cybercrime and cybersecurity matters, as well as give continued assistance to law enforcement and the broader research community.  According to court documents, the defendants provided assistance that contributed to complex cybercrime investigations as well as the broader defensive effort by law enforcement and the cybersecurity research community.

The three pleaded guilty in December 2017 in the District of Alaska to conspiracy to violate the Computer Fraud & Abuse Act in operating the Mirai botnet.  Jha and Norman also pleaded guilty to two counts each of the same charge, one in relation to the Mirai botnet and the other in relation to the Clickfraud botnet.

The involvement of the three men with the original Mirai variant ended in September 2016, when Jha posted the source code for Mirai on a criminal forum. Since then, other criminal actors have used Mirai variants in other attacks.

From December 2016 to February 2017, Jha, Brown, and Norman successfully infected over 100,000 computing devices, mainly U.S.-based, such as home Internet routers, with a malware that hijacked the devices to form a powerful botnet. These devices were then used primarily in advertising fraud, including “clickfraud,” a type of Internet-based scheme that makes it appear that a real user has “clicked” on an advertisement for the purpose of artificially generating revenue.

“Cybercrime is a worldwide epidemic that reaches many Alaskans,” U.S. Attorney Bryan Schroder said in a statement.  “The perpetrators count on being technologically one step ahead of law enforcement officials.”

Leave a Reply

Your email address will not be published. Required fields are marked *