One author of the original Mirai botnet received this Friday a new sentence for launching distributed denial-of-service attacks prior to the infamous assaults two years ago.
Paras Jha, one of the three people involved in the creation of Mirai malware, was involved in DDoS attacks long before the botnet shook the internet in 2016. For these crimes, he has to serve six months of home incarceration and pay $8.6 million.
Beginning November 2014, Jha directed the firepower of various compromised devices against his university's central authentication server, bringing it down at least four times.
The server was responsible, among others, for keeping alive a portal used by tens of thousands of members of the staff, faculty, and students to deliver assignments, informs a DoJ release.
Jha's reasons for the attacks were not financial in nature. On one occasion he wanted to delay registration of upper-classmen for an advanced computer science class he wanted to take. Another one had the purpose to delay an exam.
According to local media at the time, the attacks were sometimes followed by snarky remarks at the university's poor security measures. He used Twitter as the communication channel under the alias Exfocus.
Jha's pranks were estimated to cause his university losses estimated between $3.5 and $9.5 million.
These stunts brought the former Rutgers University student more grief than the consequences of building the Mirai DDoS malware, using and then releasing it to the world.
Although the ripples of these actions are seen even today, as proven by the many active botnets still include original Mirai code, its three authors were able to avoid jail time by helping the FBI catch other cybercriminals.
What they got was five years of probation, 2,500 hours of community service, an order to pay back $127,000 and abandon large amounts of cryptocurrency seized during the investigation.
The trio that authored Mirai also included Josiah White and Dalton Norman, but their offenses relate to strictly to the events in 2016, when the Mirai army of IoT devices knocked offline the website of security journalist Brian Krebs, attacked the servers of French hosting provider OVH and then set sights on Dyn global DNS provider.