
Federal prosecutors indict 20-year-old youngster behind Satori botnet

The young man from Washington was indicted last week on federal hacking charges

After the Mirai botnet source code leaked online, numerous groups of young hackers became involved in dangerous activities. Built on a robust software infrastructure, Mirai still appears to be quite functional and lethal, as updating it requires minimal effort and does not call for a very talented hacker. In other words, infecting lots of systems with a botnet today is very easy, and the attack pattern is clear and uncomplicated: download the Mirai source code and change the exploits. This time, however, the story did not have a happy ending for the hacker.

Ethical hacking experts from the International Institute of Cyber Security report that a 20-year-old man from Washington was indicted last week on federal hacking charges after rival actors pointed to him as the creator of a botnet that compromised routers all over the world.

Last December, ethical hacking specialists from a cybersecurity firm discovered the link between the botnet known as Satori and an amateur hacker identified as Nexus Zeta, who frequented a web forum for amateur hackers. Two months later, a Pastebin message that went almost unnoticed was intended to reveal the true identity of Nexus Zeta, identifying him as Kenneth Schuchman, who turned out to be the same person recently indicted.

Schuchman, who lives in Vancouver, Washington with his father, now faces this accusation. Although the indictment does not mention the malware, it is reported that all signs point to the Satori botnet, which emerged last fall and has infected at least 500k Internet routers around the world.

The activity of the Satori botnet has been closely observed by experts in ethical hacking since the end of last year, and they have identified the phases of its development:

  • Researchers discovered a zero-day vulnerability (tracked as CVE-2017-17215) in the Huawei HG532 home router, and hundreds of thousands of attempts to exploit it were also identified.
  • The delivered payload was identified as OKIRU/Satori, an updated variant of the Mirai software.
  • The suspect behind the attack was identified by his nickname, Nexus Zeta.

For these wannabe cybercriminals, emotional stability is a weak point: it is reported that Schuchman boasted of being a black hat hacker even on his social media profiles, such as Facebook, without worrying in any way about assuming responsibility for his actions.

 
