Daniel Kaye, a Surrey-based hacker, has been sentenced to 32 months in prison by the Blackfriars Crown Court for launching a devastating DDoS attack on Liberian mobile network Lonestar that cost the company millions of pounds in lost revenue between October 2016 and February 2017.
Kaye admitted before the Crown Court that he had been paid USD 30,000 (£23,000) by a rival company to launch a crippling DDoS attack on Lonestar MTN, Liberia’s biggest internet provider, in November last year. Using a Mirai botnet, Kaye took control over thousands of Internet-connected devices belonging to Lonestar and rendered the company's IT network unoperational, resulting in huge losses for the firm.
Kaye developed a unique variant of the Mirai botnet, named it Mirai £14, and used the new botnet to scan for thousands of internet-connected Lonestar devices. Once the botnet infiltrated the devices, Lonestar's server crashed and the company's revenue dipped from USD 84 million in October 2016 to just USD 17 million in February 2017.
According to Akamai Technologies Inc, Mirai botnets are being used increasingly and strategically by hackers to cripple businesses. In December 2016, a Mirai botnet attack on Deutsche Telekom resulted in widespread internet outages and hundreds of thousands of customers faced connectivity issues. A similar Mirai botnet attack on DNS provider Dyn had disrupted popular services and websites including Amazon, Netflix, and Spotify.
Mirai £14 botnet used repeatedly in DDoS attacks
Aside from taking down Lonestar's network, Kaye is also accused of launching DDoS attacks using the Mirai £14 botnet on Lloyds, Halifax, Bank of Scotland and Barclays banks in 2017. He was arrested and extradited from Germany in September last year following a detailed investigation carried out by the National Crime Agency, and was subsequently slapped with nine charges under the Computer Misuse Act and other charges for blackmailing and possessing criminal property.
In January 2017, the Lloyds Banking Group suffered a temporary disruption in its internet services after it received millions of fake requests that prevented many genuine customers from accessing banking services. In the middle of such attacks, the group received a £75,000 ransom demand from a hacker who said he'll stop the attacks if the money is paid.
The bank decided not to pay the ransom but instead invested £190,000 to get its internet services back online. Shortly afterward, Barclays bank found itself at the receiving end of a similar DDoS attack that interrupted its internet services. Like Lloyds, Barclays paid £146,000 to resume its online operations instead of bowing to Kaye's demands.
In both instances, while the banks suffered temporary disruptions, they did not suffer any financial losses nor was any data belonging to their customers compromised.