The United States Department of Justice yesterday sentenced a 22-year-old Washington-based hacker to 13 months in federal prison for his role in creating botnet malware, infecting a large number of systems with it, and then abusing those systems to carry out large scale distributed denial-of-service (DDoS) attacks against various online service and targets.
According to court documents, Kenneth Currin Schuchman, a resident of Vancouver, and his criminal associates–Aaron Sterritt and Logan Shwydiuk–created multiple DDoS botnet malware since at least August 2017 and used them to enslave hundreds of thousands of home routers and other Internet-connected devices worldwide.
Dubbed Satori, Okiru, Masuta, and Tsunami or Fbot, all these botnets were the successors of the infamous IoT malware Mirai, as they were created mainly using the source code of Mirai, with some additional features added to make them more sophisticated and effective against evolving targets.
According to a press release published by the Department of Justice, thought the primary aim was to earn money by renting other cybercriminals access to their botnet networks, Schuchman and his hacking team themselves used the botnet to conduct DDoS attacks.
In late 2017, CheckPoint researchers spotted Mirai variant Satori exploiting a zero-day RCE vulnerability (CVE-2017-17215) in Huawei HG532 devices that infected more than 200,000 IP addresses in just 12 hours.
The report linked the malware to a hacker using the online alias ‘Nexus Zeta,’ who turned out Kenneth Currin Schuchman after the FBI’s investigation.
“Cybercriminals depend on anonymity, but remain visible in the eyes of justice,” said U.S. Attorney Schroder. “Today’s sentencing should serve as a reminder that together with our law enforcement and private sector partners, we have the ability and resolve to find and bring to justice those that prey on Alaskans and victims across the United States.”
images from Hacker News