Feds Disrupt IoT Botnets Behind Huge DDoS Attacks – Krebs on Security

https://krebsonsecurity.com/2026/03/feds-disrupt-iot-botnets-behind-huge-ddos-attacks/

Publish Date: 2026-03-19 21:37:18

Source Domain: krebsonsecurity.com

U.S. Justice Department Dismantles Major Botnet Threats

The U.S. Justice Department has collaborated with authorities in Canada and Germany to dismantle the online infrastructure that powered four prominent botnets—Aisuru, Kimwolf, JackSkid, and Mossad—which compromised over three million IoT devices such as routers and webcams. These botnets were behind a slew of massive distributed denial-of-service (DDoS) attacks that threatened to knock significant online targets offline. The operation involved seizing U.S.-registered domains and virtual servers to halt further attacks and extortion demands.

The government claims these botnets launched hundreds of thousands of DDoS attacks, with notable impact from Aisuru, which issued over 200,000 attack commands, and JackSkid, which executed at least 90,000 attacks. Victims reported losses reaching tens of thousands of dollars due to both direct damages and remediation costs. The operation also aims to prevent future infections. The efforts coordinated by the FBI’s Anchorage Field Office highlight close international law enforcement collaboration, with support from nearly two dozen tech companies. This action is part of ongoing efforts to disrupt cybercriminals targeting IoT devices and launching devastating DDoS attacks.

Key Points:

  • Dismantling Botnets: The U.S. Justice Department, along with Canadian and German law enforcement, took action against major botnets (Aisuru, Kimwolf, JackSkid, Mossad) leveraging over three million IoT devices for DDoS attacks.
  • Impact and Response: These botnets were responsible for hundreds of thousands of attacks; victims reported substantial financial damage and remediation costs. The operation aimed to end further attacks and infections of IoT devices.
  • Coordination and Partners: Successful disruption depended on coordinated efforts with international partners, including the FBI and more than two dozen technology companies.
  • Scope of Threat: Aisuru, the oldest botnet, issued over 200,000 attack commands, and JackSkid launched around 90,000, showing the scale and severity of the threat.
  • Technological Exploitation: These botnets used sophisticated methods to propagate quickly, mimicking vulnerabilities in victim devices’ internal networks.