Sign Up
All SecurityCyber-crimePatchesResearchCSO
All Off-PremEdge + IoTChannelPaaS + IaaSSaaS
All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector
All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization
All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us

Security

Brit hacker hired by Liberian telco to nobble rival now behind bars

Bloke binned at Blackfriars for blasting botnet to bork broadband

Shaun Nichols in San Francisco Mon 14 Jan 2019  //  06:56 UTC

A Surrey man has been jailed for 32 months after admitting to launching distributed denial-of-service (DDoS) attacks against an African telco.

Daniel Kaye, 30, of Egham, told the Blackfriars Crown Court that back in 2016 he took a monthly salary from Liberian company Cellcom to carry out a sustained DDoS against their rival telco Lonestar. According to the National Crime Agency, at its peak Kaye's attack was so heavy that it disabled internet access for most of the country.

Living in Cyprus at the time, Kaye built himself a Mirai botnet pieced together using hijacked Dahua security cameras and infected devices "rented" from other hackers. He then accepted the monthly retainer from Cellcom and proceeded to run the attack in the latter half of 2016.

When the attacks finally subsided, Lonestar said it suffered tens of millions of dollars in lost business and had to directly pay $600,000 to fully ameliorate the effects of the DDoS attack.

That botnet, referred to as "#14" by researchers, was among the largest on the internet, and at one point was said to have accounted for more than half of all Mirai infections on the planet.

Cops: German suspect, 20, 'confessed' to mass hack of local politicians

READ MORE

Kaye was arrested in February of 2017 and pled guilty last month to counts of creating and using a botnet and possessing criminal property. Between that, he also got a free trip to Germany where he was tried for a separate 2016 DDoS on Deutsche Telekom (he would get a suspended sentence for that one.) Kaye was also said to be tied to DDoS attacks against Lloyd's, Barclays, and Halifax banks in the UK.

Though much of the Mirai #14 botnet Kaye used was said to have been machines rented from other hackers, prosecutors described the 30-year-old as a "highly skilled and capable hacker-for-hire" in announcing the two years and eight months prison term this month.

"Kaye was a talented and sophisticated cyber criminal who created one of the world's largest networks of compromised computers which he then made available to other cyber criminals with no consideration as to the damage it would cause," said Russell Tyner from the UK Crown Prosecution Service (CPS).

"The CPS and the NCA together with the authorities in Germany and Cyprus worked closely together in order to bring him to justice." ®
Send us news
46 Comments

US House approves FISA renewal – warrantless surveillance and all

PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more

Head of Israeli cyber spy unit exposed ... by his own privacy mistake

Plus: Another local government hobbled by ransomware; Huge rise in infostealing malware; and critical vulns

Nearly 3M people hit in Harvard Pilgrim healthcare data theft

Also, TheMoon botnet back for EoL SOHO routers, Sellafield to be prosecuted for 'infosec failures', plus critical vulns

Microsoft confirms memory leak in March Windows Server security update

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns

It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files

New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia

ChatGPT side-channel attack has easy fix: Token obfuscation

Also: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns

That home router botnet the Feds took down? Moscow's probably going to try again

Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs

Chinese PC-maker Acemagic customized its own machines to get infected with malware

Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp

Zeus, IcedID malware kingpin faces 40 years in slammer

Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

Trying to break in with malicious Word documents? How very 2015 of you

Chinese Coathanger malware hung out to dry by Dutch defense department

Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions