Deadly Mirai and Qbot-based DDoS Botnet Creator Jailed for 13 months

Kenneth Currin Schuchman, who is also known as Nexus Zeta from Vancouver, Canada, is the creator of deadly Mirai and Qbot-based botnet, has sentenced to 13 months in prison for hiring and promoting the Mirai and Qbot-based DDoS botnets utilized in DDoS attacks against targets from all over the world. 

Rather than Mirai, Kenneth Currin Schuchman also operated the Satori, Okiru, Masuta, and Tsunami/Fbot botnets, and these were published to the United States Probation and Pretrial Services on September 3, 2019.

He was sentenced on Thursday by the U.S. District Court of Alaska, where the Department of Justice stated that Schuchman is involved in criminal botnet projects since August 2017, and he controlled them with his two partners “Vamp” and “Drake” to execute the Satori botnet more complicated and powerful over time. 

The Department of Justice asserted that Schuchman botnets are considered to have affected hundreds of thousands of devices along with malware. According to the DoJ’s press, Schuchman attached additional characteristics to the botnets over time, with the motive of making them “complex and effective.” 

But, the Doj also affirmed that the defendant used the botnets to expedite DDoS attacks, which occur when lots of computers were working in the community; he targeted the systems with the data to obstruct them from being able to access the internet.

The botnet Satori did extensive damages, and its repetitions would be unleashed in record-setting DDoS attacks. Well, this attack dominated more than 800,000 devices, which contain home routers, security cameras, webcams, also crushed ISPs, online gaming programs, and different web hosting companies as well.

According to the special agent in charge, Robert W. Britt of the FBI’s Anchorage Field Office affirmed that the Cyber-attacks profess serious harm to Alaskans, especially to those who belong to the remote communities. 

The officer also claimed that the increasing number of Internet-connected devices giving open challenges to their network security and also their daily lives. Consequently, the FBI Anchorage Field Office will continue to work tirelessly with their partners to grab those criminals who utilize these devices to cause damages globally.

In January, Schuchman joined Mirai and Satori botnet elements to increase the size of the bot army and concentrated on exploiting devices from Vietnam. While in March 2018, the group additionally enhanced the botnet, and renamed it as Tsunami/Fbot and outlining to target security camera devices, gaming servers, and High Silicon DVR systems. 

Moreover, the botnet was able to launch attacks surpassing 100 Gbps. The court declared in one of its statements that, in April 2018, the defense built a Qbot-derived DDoS botnet, straight fighting for customers with his former associate, Vamp.

After all this Schuchman was first interviewed in July 2018 by the FBI, well, he was operating with Vamp and Drake to enhance their active range of DDoS botnets.

But, this whole investigation was carried out by the FBI’s Anchorage Field Office with support from Akamai, Cloudflare, Google, Oracle, Palo Alto Unit 42, Unit 221B, and the University of Cambridge.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates


Recent Posts

Hackers Rewritten The RansomExx Ransomware in Rust Language To Evade Detection

There has recently been a discovery made by IBM Security X-Force Threat Researchers regarding a…

12 hours ago

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web Application Pentesting is a method of identifying, analyzing and Report the vulnerabilities which are…

2 days ago

Chrome Extension Deploy Windows Malware to Steal Cryptocurrency and Clipboard Contents

In order to steal cryptocurrency and clipboard contents, ViperSoftX was detected by the security analysts…

3 days ago

Google Released Over 165 YARA Rules to Detect Cobalt Strike Components in Their Networks

There is a collection of IOCs from VirusTotal and YARA Rules that has been recently…

4 days ago

Hackers Use New Ransomware that Encrypts Files & Steals Tokens From Victim’s Machine

Security researchers at Cyble recently identified that the authors of ransomware now have access to…

5 days ago

Chinese Hackers Using 42,000 Phishing Domains To Drop Malware On Victims Systems

An extensive phishing campaign targeting businesses in numerous upright markets, including retail, was discovered by…

5 days ago