Skip to main content
List Directory
  • News
  • World
  • Business
  • Entertainment
  • Sports
  • Tech and Science
  • Health
Menu
  • News
  • World
  • Business
  • Entertainment
  • Sports
  • Tech and Science
  • Health
IoT Botnet Takedown: Aisuru, Kimwolf, JackSkid & Mossad Disrupted | DDoS Attacks Stopped

IoT Botnet Takedown: Aisuru, Kimwolf, JackSkid & Mossad Disrupted | DDoS Attacks Stopped

March 21, 2026 Sarah Wu - Tech Editor Tech and Science

The U.S. Justice Department, working with Canadian and German authorities, has dismantled the infrastructure supporting four significant Internet of Things (IoT) botnets – Aisuru, Kimwolf, JackSkid, and Mossad – responsible for a surge in large-scale distributed denial-of-service (DDoS) attacks. These botnets, comprised of over three million compromised devices like routers and webcams, have been linked to record-breaking attacks capable of overwhelming nearly any online target. The operation targeted command-and-control (C2) servers and domains used to manage the botnets, aiming to prevent further infections and curtail future attacks.

Image: Shutterstock, @Elzicon.

The Scale of the Threat: Record-Breaking DDoS Attacks

The disruption comes as a response to a dramatic increase in the size and frequency of DDoS attacks. Some of these attacks, orchestrated by the botnets, reached approximately 30 Terabits per second (Tbps), setting new records for the largest attacks observed to date. Cloudflare, a major content delivery network, specifically attributed a massive 31.4 Tbps DDoS attack in November 2025 to the Aisuru/Kimwolf botnet, noting it lasted only 35 seconds. The Hacker News reports that the botnet likewise generated attacks averaging 4 Tbps and 54 million requests per second (Mrps) towards the end of 2025.

How These Botnets Operate: Compromised IoT Devices

These botnets function by infecting vulnerable IoT devices – often those with default or weak passwords – and turning them into “bots” that can be remotely controlled. The infected devices are then used to flood target servers with traffic, overwhelming their capacity and rendering them inaccessible to legitimate users. The Justice Department stated that the individuals controlling these botnets often demanded extortion payments from victims, with some reporting losses of tens of thousands of dollars in remediation costs. The Aisuru botnet issued over 200,000 attack commands, while JackSkid launched at least 90,000. Kimwolf and Mossad issued 25,000 and 1,000 commands respectively.

Kimwolf’s Novel Spreading Mechanism

Aisuru, emerging in late 2024, rapidly infected devices and, by mid-2025, was launching record-breaking attacks. Notably, in October 2025, Aisuru spawned Kimwolf, a variant that introduced a particularly concerning spreading mechanism. Kimwolf could infect devices even when they were hidden behind a user’s internal network, bypassing some traditional security measures. KrebsOnSecurity detailed this vulnerability in January 2026, which helped slow Kimwolf’s spread, but similar botnets have since emerged, leveraging the same techniques.

International Collaboration and Investigation

The takedown was a collaborative effort involving the U.S. Department of Justice, authorities in Canada and Germany, and assistance from nearly two dozen technology companies, including Akamai, Amazon Web Services, Cloudflare, and Google. The Department of Defense Office of Inspector General’s (DoDIG) Defense Criminal Investigative Service (DCIS) executed seizure warrants targeting U.S.-registered domains and servers involved in the attacks. While no arrests have been publicly announced, investigations are ongoing. KrebsOnSecurity identified a 22-year-old Canadian man as a key operator of the Kimwolf botnet in late February, and another suspect is believed to be a 15-year-old residing in Germany.

Impact on the Digital Landscape

The disruption of these botnets has broad implications for internet security. DDoS attacks can disrupt critical online services, impacting businesses, government agencies, and individuals. The sheer volume of traffic generated by these attacks can overwhelm even well-protected networks, leading to outages and financial losses. The fact that these botnets exploited vulnerabilities in IoT devices highlights the growing security risks associated with the proliferation of connected devices. As more devices come online, the potential attack surface expands, making it increasingly challenging to protect against these types of threats. The targeted nature of some attacks, with demands for extortion payments, also underscores the financial motivations behind these criminal activities.

What Comes Next: Mitigation and Ongoing Vigilance

The Justice Department’s action is designed to prevent further infections and limit the botnets’ ability to launch future attacks. However, the threat landscape is constantly evolving. Users are advised to secure their IoT devices by changing default passwords, keeping firmware up to date, and disabling unnecessary features. The Department of Justice emphasizes the importance of ongoing vigilance and collaboration between law enforcement and the private sector to combat these types of threats. Further investigation into the individuals allegedly operating these botnets is expected, and the security community will likely continue to analyze the botnet infrastructure to identify new vulnerabilities and develop more effective mitigation strategies. The emergence of copycat botnets utilizing Kimwolf’s spreading methods suggests a demand for continued research and development of security solutions tailored to the unique challenges posed by IoT devices.

Recent Posts

  • Madison Keys vs. Hanne Vandewinkel Live: French Open 2026 TV Schedule and Streaming Guide
  • Our Strict Quality Control Process for Returned Clothing
  • German Business Sentiment Shows Slight Recovery in May According to Ifo Index
  • The 2-week supplement to avoid travel tummy trouble – plus blood clots worries – The Irish Sun
  • Ukraine Achieves Major Battlefield Successes as Russian Casualties Mount

Recent Comments

No comments to show.
List Directory

List-Directory is a comprehensive directory of businesses and services across the United States. Find what you need, when you need it.

Quick Links

  • Home
  • Privacy Policy
  • Terms of Service

Browse by State

  • Alabama
  • Alaska
  • Arizona
  • Arkansas
  • California
  • Colorado

Connect With Us

Official social links will appear here when available.

List-directory.com
For contact, advertising, copyright, issues email: [email protected]

Privacy Policy Terms of Service