Slashdot Mirror
Krebs Pinpoints the Likely Author of the Mirai Botnet (engadget.com)
The Mirai botnet caused serious trouble last fall, first hijacking numerous IoT devices to make a historically massive Distributed Denial-Of-Service (DDoS) attack on KrebsOnSecurity's site in September before taking down a big chunk of the internet a month later. But who's responsible for making the malware? From a report on Engadget: After his site went dark, security researcher Brian Krebs went on a mission to identify its creator, and he thinks he has the answer: Several sources and corroborating evidence point to Paras Jha, a Rutgers University student and owner of DDoS protection provider Protraf Solutions. About a week after attacking the security site, the individual who supposedly launched the attack, going by the username Anna Senpai, released the source code for the Mirai botnet, which spurred other copycat assaults. But it also gave Krebs the first clue in their long road to uncover Anna Senpai's real-life identity -- an investigation so exhaustive, the Krebs made a glossary of cross-referenced names and terms along with an incomplete relational map.
https://krebsonsecurity.com/20...
BK rocks BTW.
pinpointed the botnets original author? Are we sure Brian Krebs isnt some character out of the Marvel universe??
Good people go to bed earlier.
"...an investigation so exhaustive," Really? How exhaustive was it? Are we talking 2 searches on Google Exhaustive? Or what?
It's almost like you didn't read the article.
Just cruising through this digital world at 33 1/3 rpm...
https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/
We do we link to some shitty gadget blog instead of the original author with real credibility?
Why was he doing this investigation alone?
Vengeance. Jha messed with Krebs, and Krebs messed back. Hard. And by going public, Jha can not attack him since he is too busy trying to burn the evidence. It is also a message to others...
IMHO, this is the best part of this story: "Digital Shadows noted that the Mirai author appears to have used another nickname: “OG_Richard_Stallman,”"
Would agree with your crime fighting methods.
I can't say that I don't like it in theory, but in practice it seems to have some side effects.
Given your use of grammar i'm guessing that maybe English isn't your first language? If someone says "X was so Y" followed by a comma and then a statement, it is generally accepted that the statement following the comma is in support of "X was so Y".
So your original question "Really? How exhaustive was it?" was answered immediately after the bit you quoted, which is why everyone else who is more fluent in English was confused by you asking the question in the first place. To them the answer was right there in plain sight.
In full: "an investigation so exhaustive, the Krebs made a glossary of cross-referenced names and terms along with an incomplete relational map." In other words it was so exhaustive that he had to produce multiple kinds of reference material just to make the sum total of the data understandable.
Admittedly that doesn't provide a great deal of detail, implying the "exhaustiveness" of the investigation by the amount of data produced, but providing an answer that is light in details is not the same as not providing an answer at all. Also, referring to Brian Krebs as "the Krebs" is a little weird, but it's not entirely uncommon for people to refer to a notable individual in such a manner.
This Space Intentionally Left Blank
Krebs better be right or Jha will have one hell of a defamation case against him
I actually read through the whole article and its great detective work. I get the feeling people were bragging to krebby because of how famous he is and they, being anonymous hackers, can never shut up and stop bragging. I love how the reddit account mentioned has recent postings (last one 3 days ago), hasn't been scrubbed, and links together many aspects of the guys life (his love for anime, the dorm he lives in at ruttegers, discussion of botnets and networking).
A life lived online is not very anonymous it seems! especially when you re-use handles and are young and really really like to brag.
Hopefully he made enough to buy a plane ticket away from the USA before the shoe drops on him. I'd be at the airport right now if i was him. Love how Jha says at the end "I don't think there are enough facts to definitively point the finger at me," Jha said. âoeBesides this article, I was pretty much a nobody. "
Well so were all the serial killers and other sociopaths of history... obviously! Someone did the detective work and now they are notorious, like you.
My advice? Run! The FBI surely has enough resources to get IP address for skype users, and reddit gives up their users at the drop of a hat. The FBI can easily take possession of his computer equipment with this kind of evidence. I doubt he was that careful and everything is tight and anonymous at the layer 3 level.
Expecting to see him arrested within days! FBI doesn't like to be made a fool of!
As a potential lottery winner, I totally support tax cuts for the wealthy
RTFA?! Why? If one casually notices the quotes, it's those two little marks placed together, it's used to 'quote' a source. The quoted source implies that the reader doesn't comprehend what is being explained.
I agree, it's clear that you don't comprehend what is being explained.
If, however, you had taken a moment to just look at the article it probably would have answered your ignorance, demonstrated by what you wrote: "Really? How exhaustive was it? Are we talking 2 searches on Google Exhaustive? Or what?"
You're free to be as ignorant as you like but don't get your panties in a twist when others point out that your ignorance is a self-inflicted wound.
Just cruising through this digital world at 33 1/3 rpm...
Wait, I thought it was Russians? After all, "Mirai" means "gullible" in Russian.
Yeah it really sucks when you find out that someone investigating all of the murders in town notices that the bloody footprints keep leading to your door.
If he didn't want to go down for this then he shouldn't have done it. I probably have more respect for Brian Krebs than any other journalist, he's obviously not infallible but his investigations and articles are great pieces of work. After reading the article, it seems pretty unlikely that there is another person in that small group of people who are connected which is actually the author but somehow didn't get noticed by Krebs. Jha admitted that the author of the botnet is a sociopath, so he's at least self-aware, but I'm not going to shed any tears for him when the FBI comes calling again. His attacks have run into the hundreds of thousands or millions of dollars, and he's directly negatively impacting the lives of many other people. If you want to try to poke holes in any of Krebs' arguments then go ahead, but if you haven't even read his article then it's probably better to save your witch hunt cliche for a time when it applies.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Seems like Brian connected the dots.