It looks like Brian Krebs has been doing some digging trying to find out who authored the Mirai Worm that was used to force his site offline for a few days last year. The malware author goes by the handle Anna-Senpai, and Mr. Krebs believes he has unearthed his/her true identity:
On September 22, 2016, this site was forced offline for nearly four days after it was hit with "Mirai," a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack — using the name "Anna-Senpai" — released the source code for Mirai, spawning dozens of copycat attack armies online.
After months of digging, KrebsOnSecurity is now confident to have uncovered Anna-Senpai's real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.
The article is a good read and covers a lot of interesting ground within the botnet community.
(Score: 2) by looorg on Monday January 23 2017, @08:47AM
A good and interesting read for sure. Krebs delivers in that department as per usual. But evidence-wise it seems fairly circumstantial at best - nicknames shared across sites, text conversations, an interest in manga and a few other people that seem to think it is a given person. I'm not saying he is wrong and I guess Krebs could be holding out on us and have more and better evidence than he is letting on, but if not then this seems kinda weak as far as a case goes. The person named also denies that it's him that is the author of the worm, which is hardly a surprise either way. But I'm left wondering how this is different from just doxing someone. I would assume the person(s) named are now kind of screwed either way. One would hope they do get charged with actual crimes, otherwise this kind of reporting seems somewhat iffy. Problem might be that Krebs outing them might actually make an actual criminal investigation harder to complete.
There are some good life-lessons in operational security here for the future criminals - don't be lazy, don't use the same email and nickname for many things and sites. But that said most criminals are lazy, just like most people, so I doubt that will change anything.
(Score: 2) by shipofgold on Monday January 23 2017, @04:56PM
I hope that Krebs indeed has held back the most damning evidence to get the FBI attention.
http://www.nj.com/news/index.ssf/2017/01/rutgers_student_questioned_cyber_attack.html
Shows that indeed it did work in grabbing somebody's attention.
While I am no big fan of the FBI grabbing people's "devices", I am guessing if they do get a hold of these guys' equipment plenty of evidence will be left behind for them to find if they are indeed part of this whole thing.
Mirai was pretty serious... extortion, protection rackets and damage to good reputations have all come out of it. I hope that those who are really accountable get long hard time.