Malware & Ransomware · HIGH

DDoS Botnets Disrupted - International Action Taken

BleepingComputer
Aisuru · DDoS · KimWolf · JackSkid · Mossad

Basically, international authorities worked together to stop powerful cybercriminal networks that attack computers.

Quick Summary

International authorities have disrupted major DDoS botnets targeting IoT devices. Millions of devices were compromised, causing significant service disruptions. This operation aims to prevent future attacks and protect critical infrastructure.

What Happened

In a significant international law enforcement operation, authorities from the United States, Germany, and Canada have successfully dismantled the Command and Control (C2) infrastructure of several notorious DDoS botnets, including Aisuru, KimWolf, JackSkid, and Mossad. These botnets have been responsible for launching hundreds of thousands of massive Distributed Denial of Service (DDoS) attacks, targeting various organizations worldwide. Notably, the Aisuru botnet set a staggering record in December with a DDoS attack peaking at 31.4 Tbps and generating 200 million requests per second.

The operation aimed to disrupt the communications of these botnets, effectively limiting their ability to infect more devices and launch future attacks. The U.S. Justice Department reported that these botnets have collectively compromised over three million IoT devices, including web cameras and WiFi routers, many of which are located in the United States.

Who's Being Targeted

The botnets targeted a wide range of victims, including critical infrastructure and telecommunications companies. The attacks have had severe implications, crippling core internet services and causing significant degradation for Internet Service Providers (ISPs) and their customers. The Aisuru botnet alone issued more than 200,000 DDoS attack commands, showcasing the scale and impact of these cybercriminal networks.

Cybercriminals have exploited these botnets through a cybercrime-as-a-service model, renting access to launch their own DDoS attacks. This has resulted in substantial financial losses and remediation costs for affected organizations, with some incidents leading to extortion demands.

Signs of Infection

Organizations and individuals may notice signs of infection through unusual network traffic patterns or service disruptions. If a device is part of a botnet, it may exhibit sluggish performance or unusual behavior, such as unexpected reboots or unauthorized access attempts. Monitoring network traffic and employing robust security measures can help identify potential threats early.

How to Protect Yourself

To safeguard against such botnet attacks, it is crucial to implement strong security practices. Here are some recommended actions:

  • Regularly update all IoT devices with the latest firmware.
  • Use strong, unique passwords for device accounts and change them periodically.
  • Employ network monitoring tools to detect unusual activity.
  • Consider using DDoS protection services to mitigate the risk of attacks.

By taking these proactive steps, individuals and organizations can better protect themselves from the pervasive threat of DDoS botnets.

🔒 Pro insight: This operation highlights the growing trend of international collaboration in combating sophisticated DDoS threats targeting IoT devices.

Original article from BleepingComputer · Sergiu Gatlan
