In August 2016 the Mirai Botnet was unleashed, using millions of poorly secured IoT devices to launch a number of DDoS attacks that resulted in relatively minor impact by taking down the website of security analyst Brian Krebs through to clobbering the Dyn network which, in turn, resulted in some of the world's biggest websites dropping off the Internet. The creators of the Mirai software have been charged and have pleaded guilty in a US court.
While Paras Jha, Josiah White, 20, and Dalton Norman didn't carry out the Dyn attacks, they were involved in other attacks and, once the source code for Mirai was made open source, they enabled others to build on their work.
Court documents allege that they created Mirai in order to launch revenge attacks against competitors and people they didn't like. It's a bit like the old days of the script kiddies. But rather than mischievous teens trying to hack NORAD for a game of chess, they used their skills to, ultimately, cause significant disruption. But they also rented the Botnet out for a fee.
Jha and Norman were also charged with running an online fraud scheme that netted them about 200 bitcoin. At the time they were charged those bitcoins were worth about US$190,000. Today, they're nudging US3.5M.
What's interesting is that we often think of the Internet as the Wild West and finding and prosecuting threat actors is impossible. But the reality is law enforcement can get their act together and catch the bad guys when the level of the crime justifies the effort.