Skip to Content

Researcher Claims He’s Identified a Co-creator of a Massive Internet of Things Botnet

But even if we find out who orchestrated some of the fiercest Internet attacks of late, will it matter?
January 19, 2017

A security researcher claims to have established the identity of a programmer behind the code that carried out some recent crippling online attacks.

Late last year, hundreds of thousands of connected devices were hacked and used to send debilitating surges of data to servers. These so-called Internet of things (IoT) botnets, made up of hardware such as Internet-connected cameras and broadband routers, were used to take down websites and Internet infrastructure. The most notable attack affected large swaths of the East Coast of the U.S.

All the while, it’s been known that many of these attacks—including one that was leveled at the security researcher and writer Brian Krebs—were made possible by a piece of malicious software known as Mirai. This piece of malware wriggled its way onto devices, infected others, and made it hard for other software to get rid of it. Over time, it created a global network of bots that could be corralled to nefarious ends.

Now Krebs has waded through the murky depths of the Internet to trace the identity of those behind Mirai. And he thinks that he’s identified one of the co-authors of the software.

In a lengthy post—so lengthy, in fact, that it has its own glossary—Krebs cites numerous sources and lays out corroborating evidence from his investigation. It’s well worth reading in full, because it feels like a modern-day detective story, packed with pseudonyms, extortion attempts, and adolescent Web posts containing intriguing clues.

The upshot is that Krebs says he believes a public posting of the Mirai source code can be traced to a Rutgers University student. Not only does Krebs think that the student wrote some of the code, he also argues that the programmer appears to have made use of hacked devices to perform some attacks, too.

But even if the creator of Mirai is unmasked, it doesn’t do a great deal to solve the problem of IoT botnets being used to take down parts of the Web. The malware is, after all, now out in the wild, and the botnets that it can be used to create are growing in number and complexity.

Late last year, computer security experts warned Congress that the government must intervene to combat the problem of IoT botnets by introducing strict regulations on security standards for connected devices—and fast. Knowing who might have been behind the latest attack should do nothing to reduce that urgency.

(Read more: Krebs on Security, “IoT Botnets Are Growing—and Up for Hire,” “Security Experts Warn Congress That the Internet of Things Could Kill People,” “Massive Internet Outage Could Be a Sign of Things to Come”)

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.