DOJ Dismantles Aisuru and Three Other Massive IoT Botnets Behind Record 30 Tbps DDoS Attacks

Summary

The U.S. Department of Justice, working with Canadian and German authorities, announced the successful dismantlement of four major IoT botnets: Aisuru, Kimwolf, JackSkid, and Mossad. The operation targeted command-and-control infrastructure responsible for some of the largest DDoS attacks ever recorded, with Aisuru alone capable of generating approximately 30 terabits per second of attack traffic.

The four botnets collectively compromised over 3 million IoT devices globally — routers, webcams, and digital video recorders — with hundreds of thousands located in the United States. Operating under a “cybercrime-as-a-service” model, the operators sold access to their networks of enslaved devices, enabling over 200,000 DDoS attack commands from Aisuru alone. The attacks targeted entities including the Department of Defense Information Network (DoDIN).

The operation involved seizing U.S.-registered internet domains and virtual servers, with parallel law enforcement actions in Canada and Germany targeting individuals allegedly involved in the botnets' operations. Nearly two dozen tech companies, including AWS, Google, and Cloudflare, assisted in the takedown.

Source

Reported by the U.S. Department of Justice and covered by Krebs on Security.

Commentary

30 terabits per second from compromised routers and baby monitors. That’s the state of IoT security in 2026. While the takedown is a significant win for international law enforcement cooperation, security experts are right to caution that new botnets will inevitably emerge — the pool of insecure IoT devices remains vast and largely unpatched.

The “cybercrime-as-a-service” angle is particularly concerning. These weren’t sophisticated state actors; they were commercial operations selling DDoS-on-demand. As long as manufacturers continue shipping devices with default credentials and no automatic updates, this is a hydra problem — cut one head, two more appear. The real fix is upstream: mandatory security standards for IoT devices, not just downstream takedowns.
