Every so often, it’s nice to hear about when the good guys win and cybercriminals get their comeuppance. Three such cybercriminals have entered guilty pleas to charges related to major cybersecurity events.
Mirai was a malware strain that creates a botnet out of enslaved Internet of Things devices. By leveraging the resources of these IoT devices, Mirai took down networks and websites. 20 and 21-year-olds Josiah White and Paras Jha have pled guilty for developing and leveraging Mirai.
The duo were co-founders of Protraf Solutions LLC, a company that would mitigate DDoS attacks. Their business model was to sell their solutions to their DDoS victims, or use the DDoS attack the old-fashioned way: as a means of collecting ill-gotten monies from those desperate enough to pay them to stop the attack. Along with 21-year-old Dalton Norman, White and Jha also used Mirai to power a click fraud scheme that net them about 200 Bitcoin, Norman alone netting 30.
Mirai ultimately went on to power one of the biggest attacks the world has ever seen, using IoT devices to take down Dyn, causing many major websites to go down.
Ultimately, the three young malware developers were each charged with click fraud conspiracy, earning each a $250,000 fine and a stay of up to five years in prison. Jha and White plead guilty to conspiracy charges for writing and using Mirai and were each sentenced to an additional 5 years in prison and $250,000 fine, as well as three years of supervised release.
An employee of the National Security Agency, Nghia Hoang Pho, pled guilty on December 17, 2017, to a charge of “willful retention of national defense information.” According to the United States Justice Department, Pho was hired in 2006 as a developer for the Tailored Access Operations unit. The Tailored Access Operations unit, or TAO unit, creates specialized hacking tools that are used to collect data from the information systems used by overseas targets.
Between 2010 and March of 2015, Pho removed classified data and stored it on his home computer, which utilized antivirus software from Kaspersky Lab. Kaspersky Lab is suspected of having been exploited by Russian hackers to steal documents, perhaps including the ones Pho removed and saved at home.
The United States Department of Homeland Security has since issued a directive that bans the use of Kaspersky software in federal agencies. Pho could face up to 10 years in prison and is scheduled for sentencing on April 6.
One of four men who faced indictment in March of 2017 has pled guilty to hacking into Yahoo and exposing the usernames, passwords, and account information for essentially every Yahoo user, with the number of victims counting to about one billion.
22-year-old Karim Baratov, a Canadian, has been charged with working for two members of the Federal Security Service of the Russian Federation. In his work for the FSB, Baratov hacked into 80 accounts, as well as a total of over 11,000 webmail accounts since 2010. Baratov also provided hacking services that enabled access to accounts with Google, Yahoo, and Yandex, via the use of spear-phishing through custom content and a malicious link.
For his activities, Baratov has pled guilty to a total of nine counts. One count, for aggravated identity theft, has a mandatory sentence of two years, while each of the other eight counts could net him 10 years in jail and a fine of $250,000. However, the federal sentencing guidelines established in the United States could reduce the final sentence considerably.
While it is nice to see those responsible for cybercrime paying their dues, it is even better for certain cybercrimes to be prevented in the first place. i-medIT can help your business with that. Call us at 630-549-6199.