International joint action disrupts world’s largest DDoS botnets
Recorded: March 20, 2026, 9 a.m.
| Original | Summarized |
International joint action disrupts world’s largest DDoS botnets News Featured ConnectWise patches new flaw allowing ScreenConnect hijacking New DarkSword iOS exploit used in infostealer attack on iPhones Apple pushes first Background Security Improvements update to fix WebKit flaw GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX International joint action disrupts world’s largest DDoS botnets Microsoft: March Windows updates break Teams, OneDrive sign-ins Ex-data analyst stole company data in $2.5M extortion scheme Navia discloses data breach impacting 2.7 million people Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityInternational joint action disrupts world’s largest DDoS botnets International joint action disrupts world’s largest DDoS botnets By Sergiu Gatlan March 20, 2026 Authorities from the United States, Germany, and Canada have taken down Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid, and Mossad botnets to infect Internet of Things (IoT) devices. Red Report 2026: Why Ransomware Encryption Dropped 38% Related Articles: Aisuru Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Popular Stories CISA urges US orgs to secure Microsoft Intune systems after Stryker breach Max severity Ubiquiti UniFi flaw may allow account takeover GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX Sponsor Posts Are refund fraud methods targeting your brand? You can monitor the underground for these threats. Uncover shadow AI apps, users, and risky data sharing. Get started in 5 min. Overdue a password health-check? Audit your Active Directory for free Cut VMware migration time by 60% with Acronis—move workloads faster, with less downtime. Secure your AI agents without sacrificing speed. Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
This report details a coordinated international law enforcement operation targeting several prominent Distributed Denial of Service (DDoS) botnets—Aisuru, KimWolf, JackSkid, and Mossad—in March 2026. The operation, undertaken jointly by U.S., German, and Canadian authorities, focused on disrupting the Command and Control (C2) infrastructure utilized by these botnets, which had been responsible for launching widespread attacks against a diverse range of targets. The primary objective was to prevent further infection of Internet of Things (IoT) devices, which comprised over three million infected units including web cameras, digital video recorders, and WiFi routers predominantly located within the United States. These botnets operated under a cybercrime-as-a-service model, selling access to other cybercriminals, and facilitating attacks that resulted in substantial financial losses and remediation costs. The attacks, peaking at over 31.4 Tbps with 200 million requests per second, targeted primarily telecommunications companies, alongside DoD Information Network (DoDIN) IP addresses. Specifically, the Aisuru botnet repeatedly set records with attacks peaking at 29.7 Tbps, while a 500,000 IP address attack attributed to the same botnet reached 15.72 Tbps. Court documents revealed a significant volume of command issuance: over 200,000 DDoS commands from the Aisuru, approximately 25,000 from the KimWolf, over 90,000 from the JackSkid, and more than 1,000 from the Mossad. Cybersecurity firm Akamai highlighted the potential for such botnets to cripple critical internet infrastructure and overwhelm mitigation services, emphasizing the broader impact of these attacks on ISPs and their customers. The investigation revealed that the botnets leveraged older communication methods such as IRC alongside more modern C2 techniques, demonstrating a strategic effort to maintain operational effectiveness. The coordinated action stemmed from a recognition of the growing threat posed by these botnets, evidenced by their continued deployment of sophisticated attacks and their exploitation of vulnerable IoT devices. The operation signifies a heightened focus on disrupting botnet activity and curtailing the impact of DDoS attacks across a range of industries. |