A security researcher claims to have established the identity of a programmer behind the code that carried out some recent crippling online attacks.
Late last year, hundreds of thousands of connected devices were hacked and used to send debilitating surges of data to servers. These so-called Internet of things (IoT) botnets, made up of hardware such as Internet-connected cameras and broadband routers, were used to take down websites and Internet infrastructure. The most notable attack affected large swaths of the East Coast of the U.S.
All the while, it’s been known that many of these attacks—including one that was leveled at the security researcher and writer Brian Krebs—were made possible by a piece of malicious software known as Mirai. This piece of malware wriggled its way onto devices, infected others, and made it hard for other software to get rid of it. Over time, it created a global network of bots that could be corralled to nefarious ends.
Now Krebs has waded through the murky depths of the Internet to trace the identity of those behind Mirai. And he thinks that he’s identified one of the co-authors of the software.
In a lengthy post—so lengthy, in fact, that it has its own glossary—Krebs cites numerous sources and lays out corroborating evidence from his investigation. It’s well worth reading in full, because it feels like a modern-day detective story, packed with pseudonyms, extortion attempts, and adolescent Web posts containing intriguing clues.
The upshot is that Krebs says he believes a public posting of the Mirai source code can be traced to a Rutgers University student. Not only does Krebs think that the student wrote some of the code, he also argues that the programmer appears to have made use of hacked devices to perform some attacks, too.
But even if the creator of Mirai is unmasked, it doesn’t do a great deal to solve the problem of IoT botnets being used to take down parts of the Web. The malware is, after all, now out in the wild, and the botnets that it can be used to create are growing in number and complexity.
Late last year, computer security experts warned Congress that the government must intervene to combat the problem of IoT botnets by introducing strict regulations on security standards for connected devices—and fast. Knowing who might have been behind the latest attack should do nothing to reduce that urgency.
(Read more: Krebs on Security, “IoT Botnets Are Growing—and Up for Hire,” “Security Experts Warn Congress That the Internet of Things Could Kill People,” “Massive Internet Outage Could Be a Sign of Things to Come”)