Former Rutgers U. student hacker gets home confinement, has to pay $8.6M in restitution

0
54
Former Rutgers U. student hacker gets home confinement, has to pay $8.6M in restitution


Two years ago, 22-year-old Paras Jha helped create a malicious computer code that just about took down the internet.

Closer to home at Rutgers University where he was a computer science major, Ja also used those coding skills to also knock out the university's internet network — all the while taunting school officials on social media.

Last month Ja was sentenced in Anchorage, Alaska with two others to probation after they agreed to help the FBI with cybercrime in connection with their hatching of the “botnet” that virtually paralyzed chunks of the internet.

And on Friday, a federal judge in Trenton sentenced him to six months of home confinement and ordered him to pay $8.6 million in restitution for his role in the separate attack on Rutgers.

In targeting the Rutgers network, Jha had admitted he had unleashed a series of “distributed denial of service,” or DDoS attacks beginning in 2014, which crashed Rutgers' websites and cut off internet and Wi-Fi access to tens of thousands of students, faculty and employees.

After the university announced it planned to spend $3 million to upgrade its computer security system, it was taunted by someone on Twitter using the screen name “exfocus.”

“where internet go?? 3m dollar gone?” asked one tweet.

Jha also taunted the school's IT department. “The Rutgers infrastructure crumpled like a tin can under the heel of my boot,” he wrote.

Prosecutors said Jha, of Fanwood, who had once described himself as “the untouchable hacker god,” had conspired with Josiah White, 21, of Washington, Pennsylvania, and Dalton Norman, 22, of Metairie, Louisiana, to create a botnet known as “Mirai” that would later be used to virtually paralyze large parts of the internet.

A botnet is essentially the hijacking of hundreds or even thousands of computers through that infected with malicious software and controlled as a group without the knowledge or permission of the computers' owners, which can then be used to flood the internet connection of a targeted server or computers. Such an attack generates a barrage of so many fake requests for information that the server crashes under the assault. At its peak, prosecutors said Mirai consisted of hundreds of thousands of compromised devices.

According to prosecutors, Ja later hired out his code to others, and ultimately published it on hacker websites, where it was used to launch a massive cyber attack that crippled much of the internet in October 2016, crashing Twitter, Netflix and other websites around the world.

While he was not charged with orchestrating that attack, he pleaded guilty to computer fraud charges in December.

Jha, White, and Norman, who prosecutors said had cooperated extensively with the FBI on cybercrime investigations and broader defensive efforts, were sentenced in Alaska last month to five years of probation and more than a year of community service, after pleading guilty to computer fraud charges tied to the Mirai code. The were also were ordered to pay $127,000 in restitution and gave up a “significant amount of cryptocurrency.”

The terms of their sentences include the expectation they will keep helping the FBI.

In the case in New Jersey, Ja alone pleaded to violating the Computer Fraud & Abuse Act in connection with the Rutgers University attack. U.S. District Judge Michael Shipp, in addition to the home confinement, sentenced him to five years of supervised release and ordered him to perform 2,500 hours of community service.

Ted Sherman may be reached at tsherman@njadvancemedia.com. Follow him on Twitter @TedShermanSL. Facebook: @TedSherman.reporter. Find NJ.com on Facebook.





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here