The British professional hacker behind
the 2016 Mirai attack on Lonestar, Liberia’s largest telecom company, was sentenced
to two years and eight months in prison, announced
the UK National Crime Agency. Daniel Kaye, also known as “BestBuy”
and “Spiderman,” was arrested in 2017 in the UK on a European Arrest
Warrant, and confessed in December 2018.
Kaye, a 30-year-old hacker-for-hire,
launched a wave of DDoS attacks while living in Cyprus. The NCA found he was on
a month-to-month contract with an official at Cellcom, a Lonestar competitor.
He allegedly received $100,000 for his efforts.
The first series of attacks on
Liberia’s Lonestar MTN began in October 2015 through rented botnet and stressor
services. As of September 2016, he used a Mirai botnet he created by taking
advantage of poor security configurations to corrupt Dahua security cameras. The
final attack, in November 2016 at 500 Gbps, took down Liberia’s entire internet
network nationwide, leaving the company to struggle for days with mitigation
Following the attack, Lonestar
lost customers, dealt with tens of millions of US dollars in losses and spent
some 600,000 USD on
attack prevention and mitigation.
The Mirai DDoS botnet attack also
crippled DYN’s DNS and Deutsche Telekom. Kaye also pleaded guilty to the attack
on Deutsche Telekom, after he was extradited to Germany, according to British
“Daniel Kaye was operating as a
highly skilled and capable hacker-for-hire,” said Mike Hulett, Head of
Operations at the NCCU. “His activities inflicted substantial damage on
numerous businesses in countries around the world, demonstrating the borderless
nature of cybercrime. The victims in this instance suffered losses of tens of
millions of dollars and had to spend a large amount on mitigating action. Working
in collaboration with international law enforcement partners played a key role
in bringing Daniel Kaye to justice.”