Would make a good book/movie maybe... Who is Anna-Senpai, the Mirai Worm Author? — Krebs on Security Once ProxyPipe’s Skype accounts were disabled, the company’s servers were hit with a massive, constantly changing DDoS attack that disrupted ProxyPipe’s service to its Minecraft server customers. Coelho said within a few days of the attack, many of ProxyPipe’s most lucrative Minecraft servers had moved over to servers protected by ProTraf Solutions. “In 2015, the ProTraf guys hit us offline tons, so a lot of our customers moved over to them,” Coelho said. “We told our customers that we knew [ProTraf] were the ones doing it, but some of the customers didn’t care and moved over to ProTraf anyway because they were losing money from being down.” I found Coelho’s story fascinating because it eerily echoed the events leading up to my Sept. 2016 record 620 Gbps attack. I, too, was contacted via Skype by Sculti — on two occasions. The first was on July 7, 2015, when Sculti reached out apropos of nothing to brag about scanning the Internet for IoT devices running default usernames and passwords, saying he had uploaded some kind of program to more than a quarter-million systems that his scans found. Here’s a snippet of that conversation: July 7, 2015: 21:37 CJ: Crooks Use Hacked Routers to Aid Cyberheists — Krebs on Security 21:37 CJ: vulnerable routers are a HUGE issue 21:37 CJ: a few months ago 21:37 CJ: I scanned the internet with a few sets of defualt logins 21:37 CJ: for telnet 21:37 CJ: and I was able to upload and execute a binary 21:38 CJ: on 250k devices 21:38 CJ: most of which were routers 21:38 Brian Krebs: o_0 The second time I heard from Sculti on Skype was Sept. 20, 2016 — the day of my 620 Gbps attack. Sculti was angry over a story I’d just published that mentioned his name, and he began rather saltily maligning the reputation of a source and friend who had helped me with that story.
