Previous All Posts Next

How Minecraft Links to State-Sponsored Hacking

Posted: March 20, 2017 to Cybersecurity.

Tags: Malware, Data Breach, Cloud Security

Let’s face it, state-sponsored hackers are scary. They have the knowledge and resources wreak havoc on governments and individual citizens alike. Take the Dyn DDoS hack that happened last fall. Dyn is an internet performance management company that provides internet infrastructure, so when they were hit by a large DDoS attack that shut down their site people all over the U.S. lost internet access. The Dyn attack was the scale of a state-sponsored hack, but would you believe that the malware behind it was created mainly to knock Minecraft servers offline to funnel business to a DDoS mitigation service owned by a college student? There’s no definite ruling yet, but according to cybersecurity journalist Brian Krebs that’s the most likely origin for one of the most dangerous malwares created. After Brian Krebs site was brought down by a DDoS attack he investigated Anna-Senpai, the online username who originally created and open sourced the Mirai malware that infects IoT devices and launches DDoS attacks using them. Here’s a summary of what he found. Krebs began his investigation by tracing Mirai back to the first types of DDoS malware. He found that the first time malware like Mirai was used was by a group of hackers called “lelddos.” One of lelldos favorite targets was Minecraft servers. Lelddos would launch a DDoS attack which shut down the server. The companies and individuals who were hired to protect Minecraft servers, like ProxyPipe, Inc., were sent scrambling to get the servers back up because every minute they were down resulted in players leaving their servers which meant a loss of revenue. With the help of a ProxyPipe executive, Krebs traced the attacks that were shutting down other servers to ProTraf Solutions, another DDoS protection provider that specialized in Minecraft servers. After investigating a few sources, Krebs found out that lledos was comprised mainly of the owners of ProTraf Solutions, who are 19-year-old Josiah White and 20-year-old Paras Jha. ProxyPipe believed that ProTraf was shutting down their Minecraft servers to woo their customers over to them. Krebs contacted White and was told that White helped write the code for another DDoS malware, Bashlite/Qbot. Curiously, Anna-Senpai had posted before that he was going to shut down bots using Qbot, and did. This led Krebs to investigate Paras Jha and he found that his hacking skills matched those of Anna-Senpai. At the same time, ProxyPipe was reporting abuse to the server providers that were carrying Miria’s botnet. After being ignored, ProxyPipe could get a few of the servers carrying Miria bots shut down. This caused Anna-Senpai to reach out the ProxyPipe directly. During the conversation, Anna-Senapi said that he had been doing the same thing to shut down Qbot servers and freeing up other bots that he could use for Mirai attacks. Based on the information from their chat, Krebs then traced Anna- Senpai to another account that was responsible for over half a dozen DDoS attacks on Rutgers University. It just so happens that Paras Jha is a student at Rutgers. Krebs even found a friend of Jha’s who said that Jha admitted to him that he was behind Maria and the Rutgers attacks. According to the source, Jha even bragged that the FBI was contacting him and that he had fooled them. Of course, after Krebs published his findings, Jha denied he was guilty and said that whoever was behind Miria was a sociopath, which he was not. You can read the full story and judge for yourself if Jha is guilty, but this story has a frightening moral. Teenagers and college students are creating software for simple reasons like shutting down Minecraft servers, without either realizing or caring that the software could be used by state actors with much darker intentions. If there has ever been a time to buckle down and get serious about your own cybersecurity, it’s now.

Protect Your Business Today

Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.

Need help implementing these strategies? Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
Explore Our Services
Cybersecurity AI Services Compliance HIPAA CMMC Managed IT

Related Articles

NIST CSF 2.0: What Changed, Why It Matters, and How to Update Your Cybersecurity Program [Video + Guide] NIST CSF 2.0: What Changed, Why It Matters, and How to Update Your Cybersecurity Program [Video + Guide] Incident Response Planning: Build a Cyber Incident Response Plan That Actually Works in 2026 [Video + Guide] Incident Response Planning: Build a Cyber Incident Response Plan That Actually Works in 2026 [Video + Guide] Email Security for Business: Stop Phishing, BEC, and Email-Based Attacks Before They Cost You Millions [Video + Guide] Email Security for Business: Stop Phishing, BEC, and Email-Based Attacks Before They Cost You Millions [Video + Guide] Network Segmentation Guide: How to Contain Breaches and Protect Critical Systems with Proper Network Design [Video + Guide] Network Segmentation Guide: How to Contain Breaches and Protect Critical Systems with Proper Network Design [Video + Guide]

About the Author

Craig Petronella, CEO and Founder of Petronella Technology Group
CEO, Founder & AI Architect, Petronella Technology Group

Craig Petronella founded Petronella Technology Group in 2002 and has spent more than 30 years working at the intersection of cybersecurity, AI, compliance, and digital forensics. He holds the CMMC Registered Practitioner credential (RP-1372) issued by the Cyber AB, is an NC Licensed Digital Forensics Examiner (License #604180-DFE), and completed MIT Professional Education programs in AI, Blockchain, and Cybersecurity. Craig also holds CompTIA Security+, CCNA, and Hyperledger certifications.

He is an Amazon #1 Best-Selling Author of 15+ books on cybersecurity and compliance, host of the Encrypted Ambition podcast (95+ episodes on Apple Podcasts, Spotify, and Amazon), and a cybersecurity keynote speaker with 200+ engagements at conferences, law firms, and corporate boardrooms. Craig serves as Contributing Editor for Cybersecurity at NC Triangle Attorney at Law Magazine and is a guest lecturer at NCCU School of Law. He has served as a digital forensics expert witness in federal and state court cases involving cybercrime, cryptocurrency fraud, SIM-swap attacks, and data breaches.

Under his leadership, Petronella Technology Group has served 2,500+ clients, maintained a zero-breach record among compliant clients, earned a BBB A+ rating every year since 2003, and been featured as a cybersecurity authority on CBS, ABC, NBC, FOX, and WRAL. The company leverages SOC 2 Type II certified platforms and specializes in AI implementation, managed cybersecurity, CMMC/HIPAA/SOC 2 compliance, and digital forensics for businesses across the United States.

CMMC-RP NC Licensed DFE MIT Certified CompTIA Security+ Expert Witness 15+ Books
Related Service
Protect Your Business with Our Cybersecurity Services

Our proprietary 39-layer ZeroHack cybersecurity stack defends your organization 24/7.

Explore Cybersecurity Services
Previous All Posts Next
Free cybersecurity consultation available Schedule Now