Alleged Mirai Botnet Creator Receives Suspended Sentence from German Court

The world was surprised to learn that a massive botnet had shut down multiple popular online services earlier this year. During this attack, platforms such as Facebook, Twitter, Netflix, and plenty of others suffered from extended outages. These attacks were caused by the Mirai botnet, which quickly became synonymous with insecure Internet of Things devices. The botnet’s operator, Daniel Kaye, was arrested, but his sentence has now been suspended.

The Story of Daniel Kaye and Mirai

It is always difficult to prove who is behind a nefarious scheme on the internet. Even though the Mirai botnet caused a lot of havoc — and still remains somewhat of a threat — the official mastermind behind this project has never been identified. Law enforcement officials claim to have substantial proof of UK citizen Daniel Kaye being the one responsible for this attack. However, the investigation is still ongoing and Kaye has not been sentenced to time in jail just yet.

Daniel Kaye allegedly used a botnet built on Mirai to successfully infiltrate unsecured Internet of Things devices and then used them for major DDoS attacks on a global scale. Whether or not that is the case remains to be seen, and Kaye has yet to be officially sentenced for cybercrime. This week, Kaye stood in front of a German court, which issued a suspended sentence for his alleged involvement in the botnet campaign. He will still face cybercrime charges in the United Kingdom.

Kaye was arrested in February of 2017 and charged as the person responsible for kicking 900,000 Germans offline in a botnet attack in November of 2016. Meanwhile, an unknown person with the nickname “Bestbuy” claimed responsibility for the attack and apologized for the inconvenience caused. Reaching out to media outlets to issue this public apology may not have been Bestbuy’s best idea, though, as it immediately put him or her on the radar of law enforcement agencies.

The German court confirmed Kaye’s identity earlier this week, even though European prosecutors had done everything they could to keep the information classified. The suspended sentence is a direct result of his failed attacks using the Mirai botnet. Even though those unsuccessful attacks caused some major ISP issues in Europe and Liberia throughout 2016, they were not viewed as severe enough to warrant an official sentencing. This is a strange decision by the German court, but it will certainly have its reasons.

It seems Daniel Kaye is also connected to GovRAT, a remote access Trojan which has caused massive damage throughout the past twelve months. According to reports, that Trojan was developed and deployed by an individual named Spiderman. However, it appears that Spiderman and Bestbuy are the same person, which could indicate that Daniel Kaye was responsible for both acts of cybercrime.

Kaye pleaded guilty to launching the attacks against Deutsche Telekom customers in 2016 using the Mirai botnet. It is uncommon to see cyber criminals plead guilty to an attack that neither governments nor intelligence agencies could prove. Kaye also stated that he sold access to his Mirai botnet as a DDoS-as-a-service scheme. It is possible most of the attacks originating from this botnet were not executed by Kaye himself, but that remains to be determined by investigators.