Threat Intel · HIGH

Threat Intel - Authorities Disrupt Major IoT Botnets

Help Net Security
Tags: DDoS, IoT botnets, Aisuru, KimWolf, JackSkid

Basically, authorities shut down powerful networks of hacked devices that caused huge online attacks.

Quick Summary

Authorities have disrupted four IoT botnets behind record DDoS attacks. Millions of devices were targeted, leading to significant financial losses for victims. This operation highlights the urgent need for improved cybersecurity measures.

What Happened

Recent efforts by the U.S. Justice Department, in collaboration with international partners, have successfully disrupted four major IoT botnets linked to record-breaking DDoS attacks. These attacks peaked at an astonishing 30 terabits per second, making them among the largest ever recorded. The botnets involved—Aisuru, KimWolf, JackSkid, and Mossad—infected millions of devices worldwide, primarily targeting Internet of Things (IoT) systems like digital video recorders, web cameras, and WiFi routers.

The operation revealed that botnets like KimWolf and JackSkid compromised devices that were meant to be shielded from direct internet exposure. Once infected, these devices were controlled by cybercriminals who utilized them to launch hundreds of thousands of DDoS attacks against various targets. In many cases, victims faced extortion demands following these attacks, leading to significant financial losses.

Who's Being Targeted

The victims of these botnet attacks range from small businesses to large organizations, all of which faced extensive service disruptions. According to reports, some victims incurred losses amounting to tens of thousands of dollars due to the attacks, which often required costly remediation efforts. The Aisuru botnet alone is said to have issued over 200,000 DDoS attack commands, showcasing the sheer scale of the operation.

As the number of DDoS attacks surged, the total incidents reported in 2025 exceeded 47.1 million, more than doubling from the previous year. This alarming trend underscores the increasing sophistication and frequency of such attacks, particularly those leveraging compromised IoT devices.

Tactics & Techniques

The cybercriminals behind these botnets operated under a cybercrime-as-a-service model, selling access to their networks to other malicious actors. This approach has made it easier for less skilled individuals to execute powerful DDoS attacks without needing extensive technical knowledge. The botnets exploited vulnerabilities in IoT devices, which often lack robust security measures, making them prime targets for infection.

The operation also highlighted the importance of collaboration among law enforcement and industry partners. Special Agent Kenneth DeChellis emphasized that such teamwork was crucial for the success of the disruption efforts, which included executing seizure warrants against U.S.-registered internet domains and virtual servers linked to these criminal activities.

Defensive Measures

As DDoS attacks continue to rise, organizations must adopt proactive measures to protect themselves. This includes implementing advanced security protocols on IoT devices, regularly updating firmware, and employing DDoS mitigation services. Additionally, awareness training for employees can help identify potential threats and reduce the risk of infection.

Moreover, organizations should consider investing in network monitoring tools that can detect unusual traffic patterns indicative of a DDoS attack. By staying informed and prepared, businesses can better defend against the evolving landscape of cyber threats and minimize the impact of such attacks on their operations.

🔒 Pro insight: The dismantling of these botnets signals a critical shift in law enforcement's approach to combating cybercrime, emphasizing the need for robust IoT security measures.

Original article from

Help Net Security · Sinisa Markovic
