The British professional hacker behind the 2016 Mirai attack on Lonestar, Liberia’s largest telecom company, was sentenced to two years and eight months in prison, announced the UK National Crime Agency. Daniel Kaye, also known as “BestBuy” and “Spiderman,” was arrested in 2017 in the UK on a European Arrest Warrant, and confessed in December 2018.
Kaye, a 30-year-old hacker-for-hire, launched a wave of DDoS attacks while living in Cyprus. The NCA found he was on a month-to-month contract with an official at Cellcom, a Lonestar competitor. He allegedly received $100,000 for his efforts.
The first series of attacks on Liberia’s Lonestar MTN began in October 2015 through rented botnet and stressor services. As of September 2016, he used a Mirai botnet he created by taking advantage of poor security configurations to corrupt Dahua security cameras. The final attack, in November 2016 at 500 Gbps, took down Liberia’s entire internet network nationwide, leaving the company to struggle for days with mitigation and recovery.
Following the attack, Lonestar lost customers, dealt with tens of millions of US dollars in losses and spent some 600,000 USD on attack prevention and mitigation.
The Mirai DDoS botnet attack also crippled DYN’s DNS and Deutsche Telekom. Kaye also pleaded guilty to the attack on Deutsche Telekom, after he was extradited to Germany, according to British authorities.
“Daniel Kaye was operating as a highly skilled and capable hacker-for-hire,” said Mike Hulett, Head of Operations at the NCCU. “His activities inflicted substantial damage on numerous businesses in countries around the world, demonstrating the borderless nature of cybercrime. The victims in this instance suffered losses of tens of millions of dollars and had to spend a large amount on mitigating action. Working in collaboration with international law enforcement partners played a key role in bringing Daniel Kaye to justice.”