This was where Mirai came in. The botnet was so powerful it
would be able to outcompete any rivals attempting to do the same
thing. But Mirai didn’t remain in the Minecraft world for long. On 30
September 2016, a few weeks before the Dyn attack, Jha and his
friends published the source code behind Mirai on an internet forum.
This is a common tactic used by hackers: if code is publicly
available, it’s harder for authorities to pin down its creators.
Someone else – it’s not clear who – then downloaded the trio’s code
and used it to target Dyn with a DDoS attack.
Mirai’s original creators – who were based in New Jersey,
Pittsburgh and New Orleans – were eventually caught after the FBI
seized infected devices and painstakingly followed the chain of
transmission back to its source. In December 2017, the three
pleaded guilty to developing the botnet. As part of their sentence,
they agreed to work with the FBI to prevent other similar attacks in
the future. A New Jersey court also ordered Jha to pay $8.6 million
in restitution.[12]
The Mirai botnet managed to bring the internet to a halt by
targeting the Dyn web address directory, but on other occasions,
web address systems have helped someone stop an attack. As the
WannaCry outbreak was growing in May 2017, British cybersecurity
researcher Marcus Hutchins got hold of the worm’s underlying code.
It contained a lengthy gibberish web address –
iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com – that WannaCry
was apparently trying to access. Hutchins noticed the domain wasn’t
registered, so bought it for $10.69. In doing so, he inadvertently
triggered a ‘kill switch’ that ended the attack. ‘I will confess that I was
unaware registering the domain would stop the malware until after I
registered it, so initially it was accidental,’ he later tweeted.[13] ‘So I
can only add “accidentally stopped an international cyber attack” to
my résumé.’
One of the reasons Mirai and WannaCry spread so widely is that
the worms were very efficient at finding vulnerable machines. In
outbreak terms, modern malware can create a lot of opportunities for
transmission, far more than their predecessors were capable of. In