Tuesday, December 3, 2024
HomeCyber CrimeDeadly Mirai and Qbot-based DDoS Botnet Creator Jailed for 13 months

Deadly Mirai and Qbot-based DDoS Botnet Creator Jailed for 13 months

Published on

SIEM as a Service

Kenneth Currin Schuchman, who is also known as Nexus Zeta from Vancouver, Canada, is the creator of deadly Mirai and Qbot-based botnet, has sentenced to 13 months in prison for hiring and promoting the Mirai and Qbot-based DDoS botnets utilized in DDoS attacks against targets from all over the world. 

Rather than Mirai, Kenneth Currin Schuchman also operated the Satori, Okiru, Masuta, and Tsunami/Fbot botnets, and these were published to the United States Probation and Pretrial Services on September 3, 2019.

He was sentenced on Thursday by the U.S. District Court of Alaska, where the Department of Justice stated that Schuchman is involved in criminal botnet projects since August 2017, and he controlled them with his two partners “Vamp” and “Drake” to execute the Satori botnet more complicated and powerful over time. 

- Advertisement - SIEM as a Service

The Department of Justice asserted that Schuchman botnets are considered to have affected hundreds of thousands of devices along with malware. According to the DoJ’s press, Schuchman attached additional characteristics to the botnets over time, with the motive of making them “complex and effective.” 

But, the Doj also affirmed that the defendant used the botnets to expedite DDoS attacks, which occur when lots of computers were working in the community; he targeted the systems with the data to obstruct them from being able to access the internet.

The botnet Satori did extensive damages, and its repetitions would be unleashed in record-setting DDoS attacks. Well, this attack dominated more than 800,000 devices, which contain home routers, security cameras, webcams, also crushed ISPs, online gaming programs, and different web hosting companies as well.

According to the special agent in charge, Robert W. Britt of the FBI’s Anchorage Field Office affirmed that the Cyber-attacks profess serious harm to Alaskans, especially to those who belong to the remote communities. 

The officer also claimed that the increasing number of Internet-connected devices giving open challenges to their network security and also their daily lives. Consequently, the FBI Anchorage Field Office will continue to work tirelessly with their partners to grab those criminals who utilize these devices to cause damages globally.

In January, Schuchman joined Mirai and Satori botnet elements to increase the size of the bot army and concentrated on exploiting devices from Vietnam. While in March 2018, the group additionally enhanced the botnet, and renamed it as Tsunami/Fbot and outlining to target security camera devices, gaming servers, and High Silicon DVR systems. 

Moreover, the botnet was able to launch attacks surpassing 100 Gbps. The court declared in one of its statements that, in April 2018, the defense built a Qbot-derived DDoS botnet, straight fighting for customers with his former associate, Vamp.

After all this Schuchman was first interviewed in July 2018 by the FBI, well, he was operating with Vamp and Drake to enhance their active range of DDoS botnets.

But, this whole investigation was carried out by the FBI’s Anchorage Field Office with support from Akamai, Cloudflare, Google, Oracle, Palo Alto Unit 42, Unit 221B, and the University of Cambridge.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Salesforce Applications Vulnerability Could Allow Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications that could potentially allow a...

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of...

ElizaRAT Exploits Google, Telegram, & Slack Services For C2 Communications

APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Matrix, A Single Actor Orchestrate Global DDOS Attack Campaign

Cybersecurity researchers have uncovered a widespread Distributed Denial-of-Service (DDoS) campaign attributed to a threat...

RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks

In a new wave of cyberattacks, the Russia-aligned hacking group "RomCom" has been found...

Researchers Detailed Tools Used By Hacktivists Fueling Ransomware Attacks

CyberVolk, a politically motivated hacktivist group, has leveraged readily available ransomware builders like AzzaSec,...