Cybersecurity: Crime and Espionage

Who Created the Mirai Botnet?

By Paul Rosenzweig
Thursday, January 19, 2017, 2:08 PM

Readers will recall that late last year the Mirai botnet was used to take down large swaths of the network. Victims included Brian Krebs (of Krebs on Security), Dyn (one of the largest network DNS resolvers) and almost the entire country of Liberia. The mystery of who created Mirai and why was, naturally, quite of interest to many. Now, Brian Krebs, one of the victims, thinks he knows the answer. His story is a fascinating "cyber who-dun-it" and an illuminating exploration of motivation in cyberspace (hint -- it's all about the Benjamins). I wish I had the capacity to do what he does. Here's the opening:

On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack — using the name “Anna Senpai” — released the source code for Mirai, spawning dozens of copycat attack armies online.

After months of digging, KrebsOnSecurity is now confident to have uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.