Guilty Pleas in Three Computer Crime Cases Involving Significant DDoS Attacks
Anchorage, Alaska
   
 
More Today's News:
ߦ   Alvin Police Dept - Weekly Offense/Arrests Bulletin
ߦ   Burglary suspect WANTED by law enforcement
ߦ   Burnet County Sheriff's Office - Daily Arrests Summary
ߦ   Coast Guard Cutter Dauntless returns after 60-day patrol in Gulf of Mexico
ߦ   Coast Guard interdicts lancha crew illegally fishing US waters
ߦ   Constables arrest 40 year old male for enticing a child at a playground
ߦ   Fort Bend County Trial Information
ߦ   Fort Worth gang member to die tonight for killing girl, grandmother
ߦ   Information Needed Regarding Homicide Investigation - 3333 Marvin D. Love Freeway
ߦ   Investigation into Fatal Crash at 6000 Main Street
ߦ   Louisiana Cuts Injured Officers' Pensions In Half, Demands Repayment
ߦ   Mistrial declared for border agent charged with fatally shooting teen
ߦ   Officer saves boy choking on popcorn at Police Academy graduation
ߦ   Officers shot at Dallas Home Depot
ߦ   Paris Police Dept - Daily Activity/Arrests Summary
ߦ   Pearland Police Dept. Bulletin
ߦ   Person of Interest - Assault of 13-Year-Old Girl
ߦ   Public's Help Sought in Identifying Man Found Deceased at 9800 Lawndale
ߦ   Colorado man built 'sex chamber' for intercourse with pet husky, pressured ex-girlfriend to join, cops say
ߦ   Dickinson PD participating in National Prescription Drug Take Back Day
ߦ   Drug-Back Day April 28
ߦ   East Texas Hospital Self-Discloses and Resolves Health Care Compliance Concerns
ߦ   Information Needed in Homicide Investigation
ߦ   Investigation into Fatal Shooting at 14600 Buffalo Speedway
ߦ   Investigation into Male Found Deceased at 6161 Gulf Freeway
ߦ   Investigation into Shooting at 3341 Winbern
ߦ   Investigation into Shooting at 9850 Westpark
ߦ   Investigation into Shooting Incident at 3300 Old Spanish Trail
ߦ   North Carolina Police Sergeant Charged with Using Excessive Force Against an Arrestee
ߦ   Second Suspect Arrested, Charged in Fatal Shooting at 4800 Martin Luther King Boulevard
ߦ   Sports Clips of Greatwood/RiverPark Partners With Child Advocates of Fort Bend to Make a Difference for Children
ߦ   Suspect Arrested, Charged in Fatal Crash at 1200 Crosstimbers
ߦ   Suspect Arrested, Charged in Fatal Shooting at 2725 Reed Road
ߦ   Third Person Gets Life Sentence for Attempted Murder of Kansas Deputy
ߦ   Woman Shot in Stomach, Man Arrested

   Next >>
 
Search Archives:

The Justice Department announced today the guilty pleas in three cybercrime cases.  In the District of Alaska, defendants pleaded guilty to creating and operating two botnets, which targeted “Internet of Things” (IoT) devices, and in the District of New Jersey, one of the defendants also pleaded guilty to launching a cyber attack on the Rutgers University computer network.

Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division, U.S. Attorney Bryan D. Schroder of the District of Alaska, Acting U.S. Attorney William E. Fitzpatrick of the District of New Jersey and Assistant Director Scott Smith of the FBI Cyber Division made the announcement.

On Dec. 8, Paras Jha, 21, of Fanwood, New Jersey; Josiah White, 20, of Washington, Pennsylvania; and Dalton Norman, 21, of Metairie, Louisiana, pleaded guilty to criminal Informations in the District of Alaska charging them each with conspiracy to violate the Computer Fraud & Abuse Act in operating the Mirai Botnet.  In the summer and fall of 2016, White, Jha, and Norman created a powerful botnet – a collection of computers infected with malicious software and controlled as a group without the knowledge or permission of the computers’ owners.  The Mirai Botnet targeted IoT devices – non-traditional computing devices that were connected to the Internet, including wireless cameras, routers, and digital video recorders.  The defendants attempted to discover both known and previously undisclosed vulnerabilities that allowed them to surreptitiously attain control over the victim devices for the purpose of forcing the devices to participate in the Mirai Botnet.  At its peak, Mirai consisted of hundreds of thousands of compromised devices.  The defendants used the botnet to conduct a number of powerful distributed denial-of-service, or “DDOS” attacks, which occur when multiple computers, acting in unison, flood the Internet connection of a targeted computer or computers.  The defendants’ involvement with the original Mirai variant ended in the fall of 2016, when Jha posted the source code for Mirai on a criminal forum. Since then, other criminal actors have used Mirai variants in a variety of other attacks.

On Dec. 8, Paras Jha and Dalton Norman also pleaded guilty to criminal Informations in the District of Alaska charging each with conspiracy to violate the Computer Fraud & Abuse Act.  From December 2016 to February 2017, the defendants successfully infected over 100,000 primarily U.S.-based computing devices, such as home Internet routers, with malicious software.  That malware caused the hijacked home Internet routers and other devices to form a powerful botnet.  The victim devices were used primarily in advertising fraud, including “clickfraud,” a type of Internet-based scheme that makes it appear that a real user has “clicked” on an advertisement for the purpose of artificially generating revenue.

On Dec. 13, Paras Jha pleaded guilty in the District of New Jersey to violating the Computer Fraud & Abuse Act.  Between November 2014 to September 2016, Jha executed a series of attacks on the networks of Rutgers University.  Jha’s attacks effectively shut down Rutgers University’s central authentication server, which maintained, among other things, the gateway portal through which staff, faculty, and students delivered assignments and assessments.  At times, Jha succeeded in taking the portal offline for multi-day periods, harming Rutgers University, its faculty, and its students.

“The Mirai and Clickfraud botnet schemes are powerful reminders that as we continue on a path of a more interconnected world, we must guard  against the threats posed by cybercriminals that can quickly weaponize technological developments to cause vast and varied types of harm,” said Acting Assistant Attorney General Cronan.  “The Criminal Division will remain constantly vigilant in combating these sophisticated schemes, prosecuting cybercriminals, and protecting the American people.”

“Our world has become increasingly digital, and increasingly complex,” said U.S. Attorney Schroder.  “Cybercriminals are not concerned with borders between states or nations, but should be on notice that they will be held accountable in Alaska when they victimize Alaskans in order to perpetrate criminal schemes.  The U.S. Attorney’s Office, along with our partners at the FBI and Department of Justice‘s Computer Crime and Intellectual Property Section (CCIPS), are committed to finding these criminals, interrupting their networks, and holding them accountable.”

“Paras Jha has admitted his responsibility for multiple hacks of the Rutgers University computer system,” said Acting U.S. Attorney Fitzpatrick. “These computer attacks shut down the server used for all communications among faculty, staff and students, including assignment of course work to students, and students’ submission of their work to professors to be graded.  The defendant’s actions effectively paralyzed the system for days at a time and maliciously disrupted the educational process for tens of thousands of Rutgers’ students. Today, the defendant has admitted his role in this criminal offense and will face the legal consequences for it.”

“These cases illustrate how the FBI works tirelessly against the actions of criminals who use malicious code to cause widespread damage and disruptions to the general population,” said FBI Assistant Director Smith. “The FBI is dedicated to working with its domestic and international partners to aggressively pursue these individuals and bring justice to the victims.”   

For additional information on cybersecurity best practices for IoT devices, please visit:  https://www.justice.gov/criminal-ccips/page/file/984001/download.

All three cases were investigated by the FBI’s Anchorage, Alaska and Newark, New Jersey Field Offices.  The Mirai Botnet and Clickfraud Botnet cases are being prosecuted by Assistant U.S. Attorney Adam Alexander of the District of Alaska and Trial Attorney C. Alden Pelker of the Computer Crime and Intellectual Property Section of the Criminal Division.  The Rutgers University case is being prosecuted by Assistant U.S. Attorney Shana Chen of the District of New Jersey.  Additional assistance was provided by the FBI’s New Orleans and Pittsburgh Field Offices, the U.S. Attorney’s Office for the Eastern District of Louisiana, the United Kingdom’s National Crime Agency, the French General Directorate for Internal Security, the National Cyber-Forensics & Training Alliance, Palo Alto Networks Unit 42, Google, Cloudflare, Coinbase, Flashpoint, Yahoo and Akamai.  Former Department of Justice prosecutors Ethan Arenson, Harold Chun, and Yvonne Lamoureux provided invaluable support during their previous tenure at DOJ.

Post a comment
Name/Nickname:
(required)
Email Address: (must be a valid address)
(will not be published or shared)
Comments: (plain text only)
Printer Friendly Format  Printer Friendly Format    Send to a Friend  Send to a Friend    RSS Feed  RSS Feed
  Facebook   Share link on Twitter Tweet  
© 1999-2018 The Police News. All rights reserved.