“Satori” IoT Botnet Operator Arrested in 2018 and Now Pleads Guilty in Washington

• One of the Satori IoT botnet creators and operators has pleaded guilty of criminal charges.
• He is now facing a huge fine and up to 10 years in prison, but it’s unlikely he will be punished that hard.
• His accomplishes are reportedly also to be arrested and prosecuted soon, as the FBI is closing in.

A 21-year-old named Kenneth Currin Schuchman (nicked “Nexus-Zeta”) has pleaded guilty of aiding and abetting computer intrusions. The man has faced relevant federal charges that connect him with the “Satori” IoT botnet. According to the details that have surfaced on KrebsonSecurity, the young man was one of the three individuals that have developed the Satori botnet and orchestrated its propagation over large networks. The group achieved to harness the bandwidth of over 100000 IoT (Internet of Things) devices of various types and then used the hijacked systems to carry out DoS (Denial of Service) attacks on specific targets.

Source: krebsonsecurity.com

The attacks took place between July 2017 and October 2018, so this comes quite sometime after the dust from Satori’s activity has settled. During the aforementioned period, the group of the three hackers worked meticulously to empower Satori with more IoT exploits, making it a menace for wireless routers, digital video recorders, security cameras, and more. Initially, Satori was based on the Mirai source, but it was developed further to create its own legacy. Two of Satori’s variants named “Okiru” and “Masuta” have compromised over 700000 systems. All of these tools were promoted by the hackers for rent by others who wanted to launch DoS attacks on their own targets.

According to the plea agreement, Schuchman didn’t stop developing new Satori variants even after he got indicted in August 2018 and was let free on supervised release. As it becomes evident from the details of the story, the man wasn’t hiding his online identity very well. The domain name of the C2 server that was used for the botnet activities synchronization was registered to his real name, including the detail about his location (Vancouver, Washington).

Krebs claims that his sources informed him that Schuchman’s co-conspirators will also get a visit from the police, with one of the two being a U.K. resident. The other individual is believed to reside in Alaska, and that the same FBI investigators who brought down the Mirai botnet co-authors are after him. For Schuchman, the possible penalty for his crimes can reach up to 10 years in prison and $250k in fines. However, the fact that the hacker has been diagnosed with autism and Asperger Syndrome will most definitely help him land on a softer punishment ground.

Have something to comment on the above? Feel free to share your thoughts with us in the comments down below, or on our socials, on Facebook and Twitter.