Mirai authors sentenced to community service

A US court has sentenced the authors of the powerful Mirai malware strain to community service and US$127,000 ($174,700) worth of fines.

New Jersey's Paras Jha, Washington's Josiah White and Metairie's Dalton Norman were each also sentenced to five years' probation and 2500 hours of community service, reported security researcher and journalist Brian Krebbs. Krebbs helped publicly unmasked the culprits' role in the creation of Mirai, the malware designed to infect IoT devices and add them to botnets.

The three men had pleaded guilty for their roles in developing and using Mirai, and of using a botnet created through the malware to mount DDoS attacks and conduct click fraud.

Jha and White were the co-founders of DDoS attack mitigation company Protraf Solutions, and were found to have been using Mirai to target organisations with DDoS attacks and then either extorting them for money to call off the attacks or selling their DDoS mitigation services to the companies.

According to Krebbs, after White and Jha were questioned by the US FBI over their suspected role in developing Mirai, they attempted to cover their tracks by releasing the source code online.

This action spawned dozens of copycat botnets, one of which had been used to mount a paid for attack on Krebbs' own website, bringing it offline for nearly four days.

The relatively lenient sentence was in line with the recommendations of the US Justice Department, which had asked for lenience due to the trio's "extraordinary cooperation" with the government helping to bring down other cybercriminals.

But Jha is also due to be sentenced next week in a different case involving using Mirai to launch cyber attacks on his university at the time, Rutgers University in New Jersey.

Image credit: ©iStockphoto.com/Federico Caputo

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.