International joint action disrupts world’s largest DDoS botnets
Recorded: March 20, 2026, 9 a.m.
| Original | Summarized |
| International joint action disrupts world’s largest DDoS botnets By Sergiu Gatlan March 20, 2026 Authorities from the United States, Germany, and Canada have taken down Command and Control (C2) infrastructure used by the Aisuru, KimWolf, JackSkid, and Mossad botnets to infect Internet of Things (IoT) devices. |
This report details a significant international law enforcement operation targeting several large Distributed Denial of Service (DDoS) botnets – Aisuru, KimWolf, JackSkid, and Mossad – carried out jointly by the United States, Germany, and Canada. The core objective of the coordinated action was to disrupt the Command and Control (C2) infrastructure supporting these botnets, effectively preventing further IoT device infections and future DDoS attacks. The operation’s success stemmed from identifying and neutralizing virtual servers, internet domains, and other associated infrastructure utilized by the botnets. Specifically, the Justice Department revealed substantial data regarding the botnets' activities, including the issuance of over 200,000 DDoS attack commands by the Aisuru botnet, 25,000 by the KimWolf botnet, 90,000 by the JackSkid botnet, and over 1,000 by the Mossad botnet. These botnets had amassed a staggering infection footprint, compromising over three million IoT devices – encompassing web cameras, digital video recorders, and WiFi routers – predominantly located within the United States. The botnets operated under a cybercrime-as-a-service model, selling their capabilities to other cybercriminals, facilitating attacks that resulted in considerable financial losses and remediation costs. Instances of extortion demands, leveraging the disruptive potential of these attacks, were also identified. The attacks, as exemplified by a peak of 31.4 Tbps achieved by the Aisuru botnet in a recent December incident, demonstrated their capacity to overwhelm network infrastructure, severely impacting telecommunications companies and even cloud-based mitigation services. Akamai, a cybersecurity and cloud computing firm, highlighted the critical risk posed by these attacks, emphasizing their potential to cripple core internet services and impose significant remediation costs. The impact was measured in terms of massive requests-per-second throughput as well as the sheer volume of attacks. Investigations revealed these botnets utilized older communication methods, such as outdated IRC channels, to maintain command and control, suggesting a reliance on established technologies rather than sophisticated, modern C2 frameworks. The involvement of entities like the Department of Defense Information Network (DoDIN) as targets underscores the potential for these threats to directly impact critical national infrastructure. This coordinated response represents a significant deterrent against the continuation of these malicious activities and highlights the importance of international cooperation in combating sophisticated cyber threats. |