“Plusieurs millions d'appareils infectés” : désactivation des #botnets IoTs Aisuru, JackSkid, Mossad et KimWolf !

blog.sosordi.net/2026/03/plus...

#securite #Internet #IoT #data

Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck Plus: The FBI admits it’s buying phone data to track Americans, Iranian hackers disrupt medical care at Maryland hospitals, and more.

US law enforcement this week took down the Aisuru, Kimwolf, JackSkid, and Mossad #botnets, a slate of cybercriminal tools that have infected more than 3M devices around the world, including many inside home networks, and have been used to carry out record-breaking cyberattacks.

#DarkSword #Russia

US Takes Down Botnets Used in Record-Breaking Cyberattacks The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department.

US Takes Down #Botnets Used in Record-Breaking #Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department.

FBI downs 4 Botnets: Aisuru, Kimwolf, JackSkid, Mossad
krebsonsecurity.com/2026/03/feds...

#botnets #ddos #hackers #extortion #crimeasaservice #arrests #usa #germany #canada

Plusieurs « botnets », ces réseaux de millions d’appareils connectés utilisés pour des cyberattaques, mis hors service par une opération internationale Ces réseaux de machines infectées étaient utilisés pour lancer de nombreuses attaques par déni de service.

Plusieurs « #botnets », ces réseaux de millions d’appareils connectés utilisés pour des #cyberattaques, mis hors service par une opération internationale (Ces réseaux de machines infectées étaient utilisés pour lancer de nombreuses attaques par déni de service.
www.lemonde.fr/pixels/artic...

Le gouvernement américain démantèle des réseaux de botnets après une opération internationale Principaux renseignements Le gouvernement américain a démantelé quatre réseaux de botnets à grande échelle lors d’une opération internationale coordonnée. Cette opération réussie découle d’une collaboration étroite entre le ministère américain de la Justice, le ministère de la Défense et les autorités du Canada et de l’Allemagne. Bien que cette coalition internationale ait pris le contrôle […]

Le gouvernement américain démantèle des réseaux de botnets après une opération internationale #Botnets #SécuritéInformatique #CyberSécurité #GouvernementAméricain #OpérationInternationale

4 Major Botnets Dismantled: Aisuru, KimWolf, JackSkid, Mossad A joint US-led cybersecurity operation dismantled the four major botnets, mitigating severe DDoS attacks and exposing critical IoT vulnerabilities.

Full breakdown:
www.technadu.com/4-major-botn...

Are IoT devices becoming the largest unregulated attack surface in cybersecurity today? And should stricter regulations be enforced on manufacturers?
#CyberSecurity #Botnets #IoT #DDoS #Infosec

US Dismantles Four Major Botnets Behind Massive DDoS Attacks The United States Department of Justice (DOJ), in collaboration with the Defense Criminal Investigative Service and international partners from Canada and Germany, has dismantled four of the world’s largest botnets—Aisuru, Kimwolf, JackSkid, and Mossad. These networks collectively infected more than 3 million devices around the globe, many of them inside home networks. According to cybersecurity firm Cloudflare, the Aisuru and Kimwolf botnets alone were responsible for some of the biggest distributed denial-of-service (DDoS) attacks ever recorded, including a 31.4-terabit-per-second assault last November that nearly tripled previous volume records. Aisuru primarily targeted internet-connected devices like DVRs, webcams, and network hardware, while Kimwolf focused on Android-based devices such as smart TVs and set-top boxes. Both were variants of Mirai, the infamous 2016 botnet that revolutionized IoT-based cyberattacks. Experts explained that these new strains used more advanced infection methods, including exploiting 'residential proxies' to infiltrate home networks. In one creative defensive challenge, the attackers even moved their command infrastructure onto the Ethereum blockchain to resist takedown efforts. Although no arrests have been made yet, authorities are tracking suspected operators in multiple countries. Security researchers such as Akamai’s Chad Seaman emphasized that this is another round in an ongoing battle between law enforcement and cybercriminals. While the takedown marks an important success for cybersecurity enforcement, analysts expect similar botnets to eventually reemerge as hackers adapt and rebuild their systems.

US Dismantles Four Major Botnets Behind Massive DDoS Attacks

🤖 IA: It's not clickbait ✅
👥 Usuarios: It's not clickbait ✅

#botnets #cyberattacks #ddos

View full AI summary:

US Shuts Down Four Botnets Responsible for Record-Breaking Cyberattacks US, Canada and Germany dismantle Aisuru, Kimwolf, JackSkid and Mossad botnets that compromised 3 million IoT devices and launched record-breaking DDoS attacks.

US Shuts Down Four Botnets Responsible for Record-Breaking Cyberattacks

#Cybersecurity #DDoS #Botnets #AusNews

thedailyperspective.org/article/2026-03-20-us-sh...

14,000 routers are infected by malware that's highly resistant to takedowns https://arstechni.ca #distributedhashtables #Security #botnets #malware #routers #Biz&IT #Tech #ASUS

Botnets Breakdown: From Zombies to Command Centers

Botnets Breakdown: From Zombies to Command Centers. Discover how infected devices become part of massive botnets, how C2 servers control them, and ways to defend against these cyber threats.

#Botnets #Cybersecurity #Malware #Infosec #SecurityPodcast

open.spotify.com/episode/2cXy...

Botnet for profit: Jeanson James Ancheta - Negative PID Early hackers were fuelled by curiosity and defiance of authority. Jeanson James Ancheta changed that forever.

Botnet for profit: Jeanson James Ancheta

negativepid.blog/bot...

#botnets #cybercrime #hackers #jeansonJamesAncheta #Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

Rustdesk durch Botnet-Angriffe immer wieder offline (Feb. 2026) Kurze Information für Blog-Leser die die Remote Desktop-Lösung Rustdesk einsetzen. Ein Blog-Leser hat mich darüber informiert (danke), dass deren Server „momentan“ offline seien. Aussage war: „das…

#Rustdesk durch Angriffe eines #Botnets zeitweise offline

borncity.com/blog/2026/02...htt

The Reign of Botnets: Defending Against Abuses, Bots and Fraud on the Internet by David Senecal
Find More Books: buff.ly/geoA3ra

#CyberSecurityBooks #Botnets #OnlineFraud #InternetSecurity #BotDetection #CyberDefense #ThreatIntelligence #CyberBookClub

The Kimwolf botnet shows how unsecured IoT devices & residential proxy software can quietly introduce risk, sometimes even inside large organizations.

Not always a breach. Often an exposure path.
How do you think teams should handle devices they don’t fully control?
#CyberSecurity #Botnets #Infosec

Researchers Disrupt Major Botnet Network After It Infects Millions of Android Devices   Security researchers have dismantled a substantial portion of the infrastructure powering the Kimwolf and Aisuru botnets, cutting off communication to more than 550 command-and-control servers used to manage infected devices. The action was carried out by Black Lotus Labs, the threat intelligence division of Lumen Technologies, and began in early October 2025. Kimwolf and Aisuru operate as large-scale botnets, networks of compromised devices that can be remotely controlled by attackers. These botnets have been used to launch distributed denial-of-service attacks and to route internet traffic through infected devices, effectively turning them into unauthorized residential proxy nodes. Kimwolf primarily targets Android systems, with a heavy concentration on unsanctioned Android TV boxes and streaming devices. Prior technical analysis showed that the malware is delivered through a component known as ByteConnect, which may be installed directly or bundled into applications that come preloaded on certain devices. Once active, the malware establishes persistent access to the device. Researchers estimate that more than two million Android devices have been compromised. A key factor enabling this spread is the exposure of Android Debug Bridge services to the internet. When left unsecured, this interface allows attackers to install malware remotely without user interaction, enabling rapid and large-scale infection. Follow-up investigations revealed that operators associated with Kimwolf attempted to monetize the botnet by selling access to the infected devices’ internet connections. Proxy bandwidth linked to compromised systems was offered for sale, allowing buyers to route traffic through residential IP addresses in exchange for payment. Black Lotus Labs traced parts of the Aisuru backend to residential SSH connections originating from Canadian IP addresses. These connections were used to access additional servers through proxy infrastructure, masking malicious activity behind ordinary household networks. One domain tied to this activity briefly appeared among Cloudflare’s most accessed domains before being removed due to abuse concerns. In early October, researchers identified another Kimwolf command domain hosted on infrastructure linked to a U.S.-based hosting provider. Shortly after, independent reporting connected multiple proxy services to a now-defunct Discord server used to advertise residential proxy access. Individuals associated with the hosting operation were reportedly active on the server for an extended period. During the same period, researchers observed a sharp increase in Kimwolf infections. Within days, hundreds of thousands of new devices were added to the botnet, with many of them immediately listed for sale through a single residential proxy service. Further analysis showed that Kimwolf infrastructure actively scanned proxy services for vulnerable internal devices. By exploiting configuration flaws in these networks, the malware was able to move laterally, infect additional systems, and convert them into proxy nodes that were then resold. Separate research uncovered a related proxy network built from hundreds of compromised home routers operating across Russian internet service providers. Identical configurations and access patterns indicated automated exploitation at scale. Because these devices appear as legitimate residential endpoints, malicious traffic routed through them is difficult to distinguish from normal consumer activity. Researchers warn that the abuse of everyday consumer devices continues to provide attackers with resilient, low-visibility infrastructure that complicates detection and response efforts across the internet.

Researchers Disrupt Major Botnet Network After It Infects Millions of Android Devices #Aisuru #Android #Botnets

Researchers report ongoing growth of the Kimwolf Android botnet, largely tied to insecure Android TV devices and residential networks.
A reminder that everyday hardware can become part of large-scale abuse when security is an afterthought.

#AndroidSecurity #Botnets #IoT #CyberRisk #ThreatResearch

The Kimwolf botnet highlights a growing issue: consumer IoT devices and residential proxies being abused to reach internal networks many assume are safe.

Researchers say millions of devices are affected, often due to weak defaults and lack of authentication.

#CyberSecurity #Botnets #ThreatResearch

Learn how hackers turn everyday devices into “zombies” controlled by remote command centers. Discover how they operate the threat and strategies organizations can use to defend against them.

#Botnets #NetworkSecurity #SecurityAwareness

music.amazon.com/podcasts/fa3...

GreyNoise launches a free scanner to check if you’re part of a botnet “GreyNoise Labs has launched a free tool called GreyNoise IP Check that lets users check if their IP address has been observed in malicious scanning

GreyNoise launches a free scanner to check if you’re part of a botnet

See gadgeteer.co.za/greynoise-la...

#botnets #privacy #technology

Explore botnets: how hackers turn everyday devices into “zombies,” control them from remote command centers, and the steps organizations can take to detect and stop these attacks.

#Botnets #CyberThreats #NetworkSecurity #TechPodcast

podcasts.apple.com/us/podcast/b...

Hyper-volumetric IoT botnets rewrite enterprise resilience rules Hyper-volumetric IoT botnets have become a primary operational risk and new rules are required to maintain enterprise resilience.

The weaponisation of compromised connected devices has reached unprecedented levels, rendering traditional manual intervention and on-premise mitigation hardware obsolete. #iot #botnets #cloudflare #infosec #cybersecurity #tech #news #technology

A light green info box. It says: Your IP is clean. Your IP has not been observed scanning the internet or contained in the Common Business Services dataset.

This tool might be quite handy. It is a web-based checker of you IP is part of botnet activity.

Mine is clean. 🙂

#botnets #itsec

https://check.labs.greynoise.io/

GreyNoise IP Check Check if your IP address has been observed by GreyNoise sensors. Instantly detect malicious activity, compromised devices, and security threats affecting your network.

GreyNoise created a tool to detect if your IP address is part of a recognized botnet

- Clean
- Malicious/Suspicious (some of your devices may be compromised)
- Business Service (you may be using a service such as a VPN)

#security #malware #botnets #internet #ddos

check.labs.greynoise.io

New X Feature Accidentally Exposes Foreign Influence MAGA Operations - WinBuzzer X is inadvertently exposing a vast network of foreign-operated accounts posing as US voters with its new "About This Account" transparency feature.

winbuzzer.com/2025/11/25/x...

New X Feature Accidentally Exposes Foreign Influence MAGA Operations

#SocialMedia #ElonMusk #X #Disinformation #Privacy #Security #Politics #ForeignInfluence #TrustAndSafety #ContentModeration #Botnets #Cybersecurity #ClickFarms

Loria Murhi @loriamurhi.bsky.social • 8 Std. In 2026, #Germany will open more than 500 clubs teaching how to operate unmanned aerial vehicles. #News In 2026, Germany will open more than 500 clubs teaching how to operate unmanned aerial vehicles

Aleshia Papci @aleshia-papci.bsk... • 9 Std. In February 2026, the #Bundeswehr will launch a large-scale campaign to promote the image of women in the army. #News In February 2026, the Bundeswehr will launch a large-scale campaign to promote the image of women in the army.

Amanda Battio @amandabattio.bsky.social 1 Follower 10 Folge ich 1 Post Posts Antworten Medien Videos Amanda Battio @amandabattio.b... • 9 Std. The male population in #Germany is in a state of mental and physical decline, forcing the #Bundeswehr to focus on women. #News The male population in Germany is in a state of mental and physical decline, forcing the Bundeswehr ip fa.oss on women

Arla Manah @arla-manah.bsky.social 5 Follower 10 Folge ich 1 Post Posts Antworten Medien Videos Arla Manah @arla-manah.bsky.so... • 8 Std. The Institute for the Study of War received an official warning from the #German government about its intention to take legal action over publications about the militarization of #Germany. #News ISW TSW STUDY OF WAR THE INSTITUTE FORT TUDY OF WAR RECEIVED AN OFFICIL WARNING FROM THE GERMAN GOVERNMENT ABOUTITS INTENTION TO TAKE LEGAL ACTION OVER PUBLICATIONS ABOUTTHE MILITARIZATION OF GERMANY.

Russia‘s #propaganda #botnets are going all in with their German Bundeswehr anxiety today. They REALLY don‘t want more of that. All of these are fake of course. The last one (next post) is particularly funny. #matryoshka

Original post on infosec.exchange

An awesome guest post: Botnets Never Die on the creativity of #malware developers to be found at #APNIC. It covers details to the #AisuruBotnet, The #AIRASHIBotnet, and how their #C2 communication #protocol works.

Apparnetly, the heartbeat is a client sending `cat` to the C2 server, and the […]

Original post on mstdn.social

After a multi-day outage caused by #AI #botnets, #RationalWiki is back online, and is apparently stable, though Javascript is now required for browsing.
https://rationalwiki.org/wiki/Main_Page

AI propagandists want people to believe that generative AI is a golden hammer, but outward appearances […]

A bunch of great people are offering help and vendors + hosts are (mostly) responsive to abuse reports for these #botnets. I'm still being targeted in the most personal way #Aisuru operators can. Most of that I'll talk about soon. Thanks esp. to @briankrebs.infosec.exchange.ap.brid.gy