Botnet: No jailtime for Mirai-creators

09/24/2018
G DATA Blog

Their IoT-botnet created damage worth 100 Million US-Dollars. Yet, the developers will serve no jailtime - because they cooperated with the FBI.

The three men charged with creating the Mirai botnet of unsafe Internet of Things devices have been sentenced in the US. The mild sentences involve no jailtime and are probably due to the fact that the defendants had committed themselves in the course of the trial to cooperation with the US Federal Police FBI.

In 2016, the Mirai botnet enslaved more than 300,000 insecurely configured IoT-devices into a botnet. These included IP surveillance cameras in particular, but also other devices such as digital video recorders connected to the Internet. In many cases, attackers could log into the devices with standard access data and execute code there. The question of what actually is a botnet is clarified in our guidebook.

DDoS attacks paralyzed Netflix, Amazon and Spotify

Mirai-botnet was mainly used for denial of service attacks. The most extensive attack hit the DNS service Dyn in October 2016. As a result, numerous web services such as Netflix, Spotify and some Amazon services failed for several hours. News sites such as cnn.com and Swedish government sites were also affected.

The authors of the Mirai malware themselves declared themselves guilty of using the botnet to their own advantage. In addition to selling capacity for DDoS attacks, they also generated fake clicks on online advertising media in order to generate excessive advertising revenue. The FBI estimates the damage at around 100 million US dollars.

The defendants have been given a mild sentence: They have to pay a fine of 127,000 US dollars, which is small by US standards. They also need to leave confiscated assets in various crypto currencies to the government and work social hours.  The reason for the mild sentences may also be the willingness to cooperate considerably with the authorities.

Men have shown "considerable and extraordinary willingness to cooperate"

All three defendants together have worked about 1,000 hours of unpaid work for the authorities and did show "considerable and extraordinary willingness to cooperate", according to investigators. The voluntary work of the defendants is said to have brought significant progress for the work of the investigating authorities.

Botnets are usually formed by infected computers, smartphones or IoT devices. G DATA security solutions for Windows such as G DATA Total Security or the EU Cleaner Mobile developed in cooperation with the Eco-Initiative Botfrei help end-users to free their devices from botnet malware. This way, end users can contribute to more security on the Internet.