
Journalist Brian Krebs ‘Unmasks’ Mirai Botnet Developer

The Mirai botnet, most famously used in an attack that brought down Twitter, Reddit, Netflix and other high-profile sites last year, was allegedly written by a young developer who started off in the business of protecting servers from denial-of-service attacks, according to a report.

The report by computer security journalist Brian Krebs, whose website was one of Mirai’s targets, uncovered a number of details indicating that “Anna-Senpai”, the pseudonymous creator of Mirai, is a young man named Paras Jha, founder of distributed denial-of-service (DDoS) attack protection firm ProTraf Solutions.

Minecraft protection

After operating high-profile Minecraft servers, Jha went on to create ProTraf with a focus on protecting those servers from downtime, a highly competitive market, according to Krebs.

Minecraft, the second best-selling computer game of all time after Tetris, is offered on servers that allow players to interact in a single virtual world.

Jha then allegedly joined the business ProTraf had been set up to combat, offering targeted denial-of-service attacks for $100 (£81) in Bitcoin for each five minutes of downtime.

He was paid by Minecraft server operators to launch attacks against rival servers and also used his botnet resources against competing DDoS protection firms, according to Krebs.

Open source

Krebs said Anna-Senpai – a reference to a popular Japanese cartoon – appears to be only one of dozens of online pseudonyms for Jha. “Mirai” is likewise a reference to the anime series Mirai Nikki, according to Krebs’ research.

ProTraf offered no comment except to tell Krebs it is “in the process of restructuring and refocusing what we are doing”, while Jha has not yet responded to requests for comment, Krebs said.

While Mirai – which draws on attack power from unprotected Internet-connected devices such as TalkTalk routers, cameras and set-top boxes – was initially for Anna-Senpai’s personal use, the developer later made the code public.

That public code was used in October of last year as part of an attack on Oracle-owned DNS provider Dyn, which disrupted a number of high-profile websites.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
