Malware developers are often quite impressive when it comes to the new features they introduce. However, not all of these developers are the sharpest tools in the proverbial shed either. One individual in particular somehow managed to use the same Skype ID for applying to jobs and running a major Internet of Things botnet. This was not a smart idea, as it also allowed this person to be identified pretty easily.
A Rookie Mistake by a Botnet Developer
Mistakes like these are very rare, but do happen more than people think. Cybercriminals often leave a trail of digital bread crumbs that officials can follow to potentially reveal their identities at some point. Sometimes these cybercriminals make it painfully easy for law enforcement to identify them. One recently used the same Skype ID to run an IoT botnet and apply for freelance jobs.
The user in question is known as DaddyL33T, which is not the most original creation in history either. He is a well-known malware developer who operates a big Internet of Things botnet. He is also the entity running the DaddyHackingTeam portal, which will soon launch a botnet control panel. All things considered, this is one busy individual, even though he is active in the wrong industry.
Although the aforementioned botnet service is still officially under construction, the website is home to multiple repositories containing source code from multiple malware families. It is unclear if these malware types were all developed by DaddyL33T, but it seems safe to assume he was involved in all of these creations. Otherwise, there would be no need for him to host these repositories on the website whatsoever. DaddyL33T also has a HackForums profile, where he is known as DaddyPVP.
The post history of this user on HackForums mainly involves the botnet he hopes to bring to market in the near future. It does appear this individual is not necessarily an expert on the topic, since he has been asking for a lot of help in recent weeks. That being said, he is clearly capable of putting together a working botnet. It is believed the botnet in question is related to QBot, which is currently being modified to become an even bigger threat.
As his nickname suggests, though, DaddyL33T does not appear to be a grown man. Instead, researchers believe he is merely 13 years old, a fact which was confirmed through a private conversation between DaddyL33T and Newsky Security researcher Ankit Anubhav. This revelation does not come as a big surprise, and it would also explain why he uses the same Skype ID for hacking purposes and applying for freelance jobs. Several of DaddyL33T’s applications have been discovered on an unnamed freelancing portal where he tells interested parties to contact him via the same Skype ID.
The DaddyL33T persona is quite an interesting creature, although he may have set himself up for some major repercussions. While this person might claim immunity due to his status as a juvenile, that should not be assumed to be the case. The bigger problem is that a 13-year-old could set up a powerful botnet mainly by copy-and-pasting code and using basic knowledge to make small changes. The recent wave of global cyberattacks has inspired some younger individuals to bask in the glory of online crime. This is not a positive development by any stretch of the imagination.