Minecraft links to biggest botnet

According to those who have been investigating the Malware which had launched the nets biggest ever cyber-attack last year, is said to have had links to the Minecraft servers.

A security blogger, Mr Kerbs has been spending months investigating the attack which has knocked his blog offline. He has claimed that the origins of the Mirai botnet can be drawn back to the rivalries in the Minecraft community.

Mr Kerbs claim have been backed up by a security expert who had provided net security for Minecraft servers. Mr Coelho, a security expert has said that his suspicions about who was behind the Mirai code has been passed onto the FBI, who are actively investigating the claims.

Mirai botnet was made up of about more than 500,000 web-connected devices for example web cams and routers. The Denial-of-services attack (DDoS) attacks which Mirai had launched, hit web pages with so much data that they had fallen over was the largest that the net had ever experienced.

Many of the victims that were knocked offline had included Reddit, Twitter and Spotify.

Hundreds of hours

Not long after these attacks, the individual who had been claiming responsibility used the code name “Anna Senpia” had released the source code online which was making way for copycats.

There was a modified form of the malware which was later used to cause an attack on the UK internet service providers TalkTalk and the post office.

Mr Kerbs, has devoted ‘hundreds of hours’ into finding out who was behind the Mirai botnet in September 2016.

“If you’ve ever wondered why it seems that so few internet criminals are brought to justice, I can tell you that the sheer amount of persistence and investigative resources required to piece together who’s done what to whom (and why) in the online era is tremendous” he wrote.

The research had directly led him to the community around Minecraft, which is now owned by Microsoft and it is a computer game where users can build objects from cubic blocks. Minecraft has a huge fan base, especially children and it is estimated that a million people are playing it at any one time.

A large successful Minecraft web server which can have more than 1,000 players logging everyday can earn up to £40,600 ($50,000) per month, mainly from the players who are renting space to build their Minecraft worlds.

“The first clues to Anna Senpia’s identity didn’t become clear until I understood that Mirai was just the latest incarnation of an IoT (internet of things) botnet family that has been in development and relatively broad use for nearly three years” he added.

Earlier versions of the code were often used to knock over any web servers which are used to host Minecraft claimed Mr Kerbs.

new-mirai-attacks

Mr Coelho, who had plenty of Minecraft servers as clients and was hit by a massive attack in mid-2015. The attack was launched from a botnet which was made up of IoT (internet of things) devices for example web cameras.

“Minecraft is a tight knit community. We know who is talking to who.” Mentioned by Mr Coelho, who has had his suspicions about who is behind the attack.

He alleged that the attacks had come from a competing security firm who has also offered DDoS protection to Minecraft clients. Mr Coelho had also mentioned that the founder of the other security firm had previously ran a Minecraft web server and was also one of his clients.

Mr Coelho’s final claim was that the Mirai author, Anna Senpia had made contact with him via Skype at the end of September and partly explained that it was “nothing personal” in regards to the attack on his firm. Anna Senpia had also bragged about being paid by owners of a large Minecraft server to launch an attack on a rival server.