IoT botnet creator cops plea to hacking more than 800,000 devices

by
Dan Goodin
from Ars Technica - All content on (#4PKV4)
getty-gavel-800x533.jpg

Enlarge (credit: Getty Images | Marilyn Nieves)

A 21-year-old Washington man has pleaded guilty to creating botnets that converted hundreds of thousands of routers, cameras, and other Internet-facing devices into money-making denial-of-service fleets that could knock out entire Web hosting companies.

Kenneth Currin Schuchman of Vancouver, Washington, admitted in federal court documents on Tuesday that he and two other co-conspirators operated Sartori and at least two other botnets that collectively enslaved more than 800,000 Internet-of-Things devices. They then used those botnets to sell denial-of-service attacks that customers could order. Last October, while on supervisory release after being indicted for those crimes, Schuchman created a new botnet and also arranged a swatting attack on one of his co-conspirators, the plea agreement, which is signed by the hacker, said.

The crime outlined in the court documents started with the advent in late 2016 of Mirai, a botnet that changed the DDoS paradigm by capitalizing on two salient features of IoT devices: their sheer numbers and their notoriously bad security. Mirai scanned the Internet for devices that were protected by an easy-to-guess default password. When the botnet found one, it corralled it into a botnet that could overwhelm even large targets with more junk traffic than they could handle.

Read 6 remaining paragraphs | Comments

index?i=5fgQSGY1aiY:sjB1vF_PG-g:V_sGLiPB index?i=5fgQSGY1aiY:sjB1vF_PG-g:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments