Two hackers responsible for creating the massive Mirai botnet that knocked large swathes of the internet offline last year have pleaded guilty. The pair commandeered hundreds of thousands of connected devices to hurl spam traffic at the DNS service Dyn, which took Reddit, Twitter and other major websites offline in October 2016.
Photo: Getty
Paras Jha and Josiah White admitted to operating the Mirai botnet in plea agreements unsealed today. The reporter Brian Krebs first revealed their identities in January, after his website was targeted in a Mirai DDoS attack.
Jha wrote the source code for Mirai, according to his plea agreement. He and White used the botnet for click fraud, leased it out to other people for DDoS attacks, and ran extortion schemes in which they would launch DDoS attacks against victims’ websites and then demand payment to call off the attacks.
A third man, Dalton Norman, also pleaded guilty to participating in a Mirai-related click fraud scheme. He also helped Jha and White add Internet-of-Things devices to the botnet, which at its peak included more than 300,000 devices.