Minecraft link to net's biggest botnet

Minecraft link to net's biggest botnet

Malware which launched the net's largest ever cyber-attack last year had links to Minecraft servers, according to those investigating it.

Security blogger Brian Krebs has spent months investigating the attack which knocked his blog offline.

He claims that the origins of the Mirai botnet can be traced back to rivalries in the Minecraft community.

His claims are backed up by a security expert who provided net security for Minecraft servers.

Robert Coelho, vice president of security firm ProxyPipe, told the BBC that his suspicions about who was behind the Mirai code have been passed to the FBI who are "actively investigating" the claims.


The botnet Mirai was made up of more than 500,000 web-connected devices such as webcams and routers.

The attacks it launched - so-called denial-of-service (DDoS) which hit web pages with so much data that they fall over - were the biggest the net had ever experienced.

Victims that were knocked offline included Twitter, Spotify and Reddit.

Shortly after the attacks, the individual claiming responsibility - using the codename Anna Senpai - released the source code online, paving the way for copycat attacks.

A modified form of the malware was later used to attack the UK's internet service providers TalkTalk and the Post Office.

Since being hit by the Mirai botnet in September 2016, Mr Krebs has devoted "hundreds of hours" into uncovering who was behind it.

"If you've ever wondered why it seems that so few internet criminals are brought to justice, I can tell you that the sheer amount of persistence and investigative resources required to piece together who's done what to whom (and why) in the online era is tremendous," he writes.

His research led him directly to the community around Minecraft, a computer game now owned by Microsoft, in which users build things from cubic blocks.

It has a huge following, especially among children and it is estimated that at any one time, one million people are playing it.

Minecraft link to net's biggest botnet

According to Mr Krebs, a large successful Minecraft web server with more than 1,000 players logging on each day can earn up to $50,000 (?40,600) per month, mainly from players renting space to build their Minecraft worlds.

"The first clues to Anna Senpai's identity didn't become clear until I understood that Mirai was just the latest incarnation of an IoT [internet of things] botnet family that has been in development and relatively broad use for nearly three years," he writes.

The code for these earlier versions was often used to knock over web servers used to host Minecraft, he claims.

ProxyPipe - owned by Mr Coelho - had plenty of Minecraft servers as clients and in mid-2015 was hit by a massive attack, launched from a botnet made up of IoT devices such as web cameras.

Mr Coelho told the BBC that he had his suspicions about who was behind the attack: "Minecraft is a tight knit community. We know who is talking to who."

He alleged that the attack came from a competing security firm, which also offered DDoS protection to Minecraft clients.

He claimed that the founder of the security firm had previously run a Minecraft web server and was one of his clients.

He also claims that the Mirai author - Anna Senpai - contacted him via Skype at the end of September, partly to explain that the attack on his firm was "not personal" but also to brag that he had been paid by the owners of a large Minecraft server to launch an attack on a rival server.



Add Comment

all comments

  Other news

more
Carmarthenshire mum-to-be gets armed escort to hospital

Carmarthenshire mum-to-be gets armed escort to hospital..

29-May, 12:00

Armed officers who spotted a speeding car in west Wales discovered a...

US lawmakers seek to reverse Trump’s $110bn arms deal with Saudi Arabia

US lawmakers seek to reverse Trump’s $110bn arms deal with Saudi Arabia..

29-May, 07:48

Top Republicans and Democrats in Congress have called for the...

Emmerdale's Lucy Pargeter introduces twin baby daughters Missy Mabel and Betsey Maggie and reveals terrifying moment at birth when babies 'weren't breathing'

Emmerdale's Lucy Pargeter introduces twin baby daughters Missy Mabel and Betsey Maggie and..

29-May, 11:24

In an exclusive shoot and interview with OK! Magazine, Lucy Pargeter...

Improving wheat yields by increasing grain size, weight

Improving wheat yields by increasing grain size, weight..

29-May, 11:48

Larger, heavier wheat kernels -- that's how associate professor Wanlong...

Former Hillary Clinton aide writing memoir

Former Hillary Clinton aide writing memoir..

19-Apr, 18:16

A former Hillary Clinton aide and speechwriter is writing a book about...

Marathon Oil and Community Health skid; MoneyGram soars

Marathon Oil and Community Health skid; MoneyGram soars..

14-Mar, 17:18

Stocks that moved substantially or traded heavily on Tuesday: MoneyGram...

Seoul: North Korea fires ballistic missile off east coast

Seoul: North Korea fires ballistic missile off east coast..

04-Apr, 19:24

South Korea says North Korea has fired a ballistic missile into the...

O'Reilly apologizes for jest about Maxine Waters' hair

O'Reilly apologizes for jest about Maxine Waters' hair..

29-Mar, 09:40

Fox News personality Bill O'Reilly apologized Tuesday for saying he had a...