Daniel Kaye, a 29-year-old hacker known under the nicknames of BestBuy and Popopret, will appear in a UK court today to face hacking charges related to his activity as master of one of the biggest Mirai botnets ever assembled.
Kaye, a UK citizen from the town of Egham, Surrey, had already pleaded guilty in a German court for infecting routers and IoT devices with the Mirai malware and using it to launch DDoS attacks.
On July 28, a German court sentenced him to a suspended prison sentence of one year and eight months.
Following legal procedures in Germany, the hacker was extradited back to his home country to face similar charges.
According to an official statement from UK authorities, Kaye stands accused of using his personal Mirai botnet — known under the codename of Mirai #14 — to launch DDoS attacks on Lloyds Banking Group and Barclays banks in January 2017. Authorities say he was also behind blackmail attempts against the same banks.
In addition, Kaye is also facing a charge of "endangering human welfare" because of DDoS attacks he carried out against Lonestar MTN, Liberia’s biggest Internet provider. During his trial in Germany, Kaye said an unidentified/unnamed party paid him $10,000 to attack the Liberian ISP.
While UK authorities have not pressed official charges, an InfoArmor report fingered Kaye's "BestBuy/Popopret" persona as the author of the GovRAT malware, used to infect computers and steal data from a large number of US government and state organizations.
Kaye activated on the underground hacking scene for years, but he caught the eye of cyber-security firms and law enforcement agencies in November and December 2016 when a botched version of the Mirai malware he modified infected and brought down over 900,000 Deutsche Telekom routers in Germany, and another 100,000 routers from several ISPs in the UK.
German police spearheaded an investigation into Kaye's Mirai botnet #14, which at one point the hacker was offering for rent online, and bragged about reaching 1.5 million devices.
UK police arrested Kaye at a London airport in late February and immediately extradited the hacker to Germany to face charges. Kaye is now back in the UK to face the music for the crimes committed in his native country.
Below is a simple timeline of all events: