A US court ruled out Minecraft as the major reason for the Mirai botnet’s existence.
If you are interested in computer games, then you must have heard or even played Minecraft — a game where players are allowed to craft their imaginative worlds and maintain it. The second most popular game in the world has had players and IT companies going mad for it, with Microsoft getting rights to own and improve the game in 2014. However, it has now come out that Minecraft has resulted in one of the deadliest cyberattacks in human history, that crippled some Internet networks in America and China — the Mirai botnet.
An Alaskan court has found three men — Paras Jha, Dalton Norman and Josiah White, guilty of creating the deadly botnet that crippled half of the world’s networks. Mirai infected several Internet-of-Things (IoT) devices in 2016 and formed a large network of such devices that could cause a DDoS (Directed Denial of Service) attack on a particular network. Mirai got some of the prominent names in the IT world scratching their heads as to figure out ways to tackle the botnet.
However, the creators of Mirai claimed that wrote the botnet to simply earn profits from Minecraft players. If you have played Minecraft, you know that players can purchase additional space to maintain their ‘blocky creations’. Sometimes, players can also rent spaces to other players in multiplayer mode. Therefore, several entrepreneurs have started hosting dedicated Minecraft servers and earn almost $100,000 a month. For an individual player, the Minecraft experience may differ from other because every single server has got its own set of rules, allowing for interesting challenges.
Paras Jha, Dalton Norman and Josiah were also a part of this normal Minecraft server entrepreneur game until they decided to force players from other servers on to theirs by clogging their networks. Therefore, Mirai came into existence and started performing for them very well. However, Mirai started outperforming the creator’s expectations, affecting the Internet outside Minecraft badly. It is said that Mirai controlled more than 300,000 hacked devices at its peak, with up to 185 million devices expected to be vulnerable.
Mirai took advantage of poor security protocols in IoT devices around the world. It was found that the majority of devices affected by Mirai, such as security cameras, routers and others, were using default manufacturer security settings, which were not as strong to defend a threat like Mirai. The creators of Mirai found potential in the botnet and therefore went on to fine-tune it to improve its abilities. They even started leasing Mirai to other cybercriminals, who used them around the world for their own vested interests. Jha and his company later also started extorting money from the companies that were affected by the botnet in exchange for resuming activity on their networks.
As of now, the court hasn’t taken any action on the creators of the deadly botnet. However, this attack also proved that cyber attacks are not only limited to computers and smartphones but also possible on simple devices intended to make our lives a lot easier. It also shows that server-based multiplayer games are still one of the major targets for cybercriminals to cause widespread mayhem. Therefore, OEMs are now required to practice stringent security solutions in their software solutions to safeguard their customers from similar attacks in the future.
(With inputs from Newsweek)
(also published on Deccan Chronicle)