Minecraft link to the largest botnet
Malware that led to the internet's largest ever cyber-attack last year was linked to Minecraft servers according to the people who investigated it.
Security blogger Brian Krebs has spent months studying the attack that knocked his blog down.
He claims that the origins for the Mirai botnet can been traced back to rivalries within the Minecraft community.
His claims are confirmed by a security expert who provided net security for Minecraft servers.
Robert Coelho, vice president of security firm ProxyPipe Robert Coelho, vice president of security firm ProxyPipe, told BBC that his suspicions about who was behind the Mirai code have been passed to the FBI who are "actively looking into" the claims.
servers
The botnet Mirai comprised of more than 500,000 web-connected devices such as routers and cameras.
It launched attacks known as denial-of-service (DDoS) that hit web pages with so many data that they fell apart, and were the largest ever.
Victims who were knocked offline included Twitter, Spotify and Reddit.
"Hundreds of hours"
After the attacks, the person claiming responsibility - using the codename Anna Senpai released the source code online, paving the way for copycat attacks.
Later an altered version of the malware was used to attack UK internet service providers TalkTalk or the Post Office.
Since being struck by the Mirai botnet in September 2016, Mr Krebs has put in "hundreds of hours" in identifying who was behind it.
"If you've ever wondered why it seems that so few cyber criminals are prosecuted, I can tell you that the sheer amount of persistence and investigative resources required to determine who's been responsible for what (and the reasons behind it) in the online era is tremendous," he wrote.
His research led him to Minecraft the computer program owned by Microsoft that allows users to create things using cubic blocks.
It has a huge fan base particularly among children, and it is estimated that at any moment, more than more than a million people play it.
According to Mr. Krebs, a large successful Minecraft web server that has more than 1,000 players who log on daily can earn as much as $50,000 (PS40,600) per month, mainly from players renting space to build their Minecraft worlds.
"The first clues to Anna Senpai's identity were not clear until I understood that Mirai was just the most recent incarnation of an IoT [internet of thingsbotnet family that's been in development and relatively widespread use for more than three years," he writes.
The code used in the earlier versions was commonly used to attack servers that hosted Minecraft the game, according to him.
ProxyPipe is owned by Mr. Coelho - had plenty of Minecraft servers as clients. The server in mid-2015 was struck by a massive cyberattack, launched from a botnet comprised of IoT devices such as web cameras.
Mr Coelho stated to the BBC that he had suspicions regarding the person behind the attack: "Minecraft is a tight knit community. We know who is talking.
He alleged that the attack originated from an alternative security company, which also provided DDoS protection to Minecraft clients.
He claimed that the founder and client of the security company had previously managed the Minecraft web server.
He also claims that the Mirai author - Anna Senpai - contacted him via Skype at the end of September, partially to explain that the attack on his business was "not personal" but also to boast that he was compensated by the owners of a large Minecraft server to launch an attack against an opponent server.
What is an DDoS attack and how can it be prevented?
7 March 2016
"Smart" devices are employed in internet attack
22 October 2016