Minecraft link to the largest botnet
20 January 2017
Malware that led to the internet's largest ever cyber-attack last year was linked to Minecraft servers according to the people who investigated it.
Security blogger Brian Krebs has spent months investigating the attack which knocked his blog offline.
He claims that the origins for the Mirai botnet can been traced back to rivalries within the Minecraft community.
His claims are supported by an expert in security, who offered net security to Minecraft servers.
Robert Coelho (Vice President of Security Firm ProxyPipe) told the BBC that his suspicions regarding the Mirai code were reported to the FBI who are "actively investigating" them.
The botnet Mirai was made up of more than 500,000 web-connected devices such as routers and webcams.
The attacks it unleashed - so-called denial-of-service (DDoS) attacks that hit web pages with so much data they fall over they were the largest the net had ever experienced.
The victims that were taken offline included Twitter, Spotify and Reddit.
'Hundreds of hours'
Shortly after the attacks, the person who claimed responsibility, using codename Anna Senpai, released the source code online, opening the way for similar attacks.
A modified form of the malware was later used to attack UK internet service providers TalkTalk and the Post Office.
Since being struck by the Mirai botnet in September 2016 Krebs has been adamant that Krebs has put in "hundreds of hours" to identifying the person behind it.
He wrote "If you've wondered about why so few internet criminals are being arrested I can tell you that the sheer amount and persistence required to figure out who's responsible (and the reasons) online is staggering."
His research led him to Minecraft which is a computer program that is now owned by Microsoft which allows users to create things with cubic blocks.
It has a massive following particularly among children, and it is estimated that at any one moment, more than a million people are playing it.
Mr Krebs claims that an Minecraft server with over 1,000 users can earn $50,000 per month (PS40,600). This is due to the fact that players renting space to create their own Minecraft worlds.
game servers an a lot of fun
He writes that Anna Senpai's name was not disclosed until he figured out Mirai, the newest member of an IoT botnet family that had been in development for almost three years.
The code used in earlier versions was frequently used to attack servers hosting Minecraft the game, according to him.
ProxyPipe - owned by Mr Coelho - had plenty of Minecraft servers as clients and in mid-2015, it was attacked by a massive attack, launched from an unidentified botnet that was made up of IoT devices like web cameras.
BBC interviewer Mr Coelho stated that he was suspicious about the attacker and said: "Minecraft is a tight-knit community. We know who's talking.
He claimed that the attack was orchestrated by a rival security firm that also offered DDoS protection for Minecraft clients.
He claimed that the founder of the security company had previously run the Minecraft web server and was one of his clients.
He also claims that the Mirai author - Anna Senpai - contacted him via Skype at the end of September, partially to explain that the attack on his business was "not personal" but also to brag that he had been paid by the owners of a massive Minecraft server to launch an attack against an opponent server.
What is a DDoS attack?
7 March 2016
Internet attack using "Smart" devices
22 October 2016
No comments yet