Fanwood Man Responsible For Rutgers University Hack Pleads Guilty

FANWOOD, NJ — A Fanwood man admitted Wednesday to launching a cyber attack on the Rutgers University computer network, acting U.S. Attorney William E. Fitzpatrick of the District of New Jersey announced.

Paras Jha, 21, of Fanwood pleaded guilty before U.S. District Judge Michael Shipp in Trenton federal court in the District of New Jersey to violating the Computer Fraud & Abuse Act.

Jha admitted to executing a series of attacks on Rutgers University's networks between November 2014 and September 2016.

The attacks shut down Rutgers University’s central authentication server, which maintained, among other things, the gateway portal through which staff, faculty, and students delivered assignments and assessments, according to Fitzpatrick.

The portal was taken offline for multiple consecutive periods, causing damage to Rutgers University, its faculty and its students, Fitzpatrick said.

“Paras Jha has admitted his responsibility for multiple hacks of the Rutgers University computer system,” acting U.S. Attorney Fitzpatrick said. “The defendant’s actions effectively paralyzed the system for days at a time and maliciously disrupted the educational process for tens of thousands of Rutgers’ students.”

Jha could face a maximum of 10 years in prison and a fine of $250,000, or twice the gross amount of any pecuniary gain or loss derived from the offense, whichever is greater. Sentencing is scheduled for March 13.

Additionally, Jha pleaded guilty on Dec. 8, along with Josiah White, 20, of Washington, Pennsylvania, and Dalton Norman, 21, of Metairie, Louisiana with conspiracy to violate the Computer Fraud and Abuse Act in operating the Mirai Botnet in the District of Alaska.

"In the summer and fall of 2016, White, Jha, and Norman created a powerful botnet – a collection of computers infected with malicious software and controlled as a group without the knowledge or permission of the computers’ owners," Fitzatrick said.

The Mirai Botnet, targeted IoT devices – non-traditional computing devices that have been connected to the Internet, including wireless cameras, routers, and digital video recorders. The three men then tried to get administrative or high-level access to victim devices for the purpose of forcing the devices to participate in the Mirai Botnet.

The three men successfully had hundreds of thousands of compromised devices, which were used in the botnet to conduct a number of powerful “distributed denial of service” (DDOS) attacks, which occur when multiple computers acting in unison flood the Internet connection of a targeted computer or computers.

Jha then shared the the source code for Mirai on a criminal forum in the fall of 2016, allowing other criminal actors to use Mirai variants in a variety of other attacks, Fitpatrick said.

From December 2016 to February 2017, more than 100,000 primarily U.S.-based Internet-connected computing devices, such as home Internet routers, were infected with malicious software.

That malware caused the hijacked home Internet routers and other devices to form a powerful botnet. They then used the compromised devices as a network of proxies through which they routed Internet traffic. The victim devices were used primarily in advertising fraud, including “clickfraud,” a type of internet-based scheme that utilizes “clicks,” or the accessing of URLs and similar web content, for the purpose of artificially generating revenue.

For more information on cybersecurity best practices for IoT devices click here.

(Image via Shutterstock)

Have a news tip? Email alexis.tarrazi@patch.com.