US Departments of Justice and Defense crush four massive botnets totaling 3,000,000 devices — botnets responsible for a combined 316,000 DDoS attacks globally

Go deeper with TH Premium: Taiwan, trade, and tariffs

• China's latest round of rare-earth export controls explained
• Analyzing Washington's new AI accelerator export rules
• U.S. government plans tariff exemptions for TSMC
• Nvidia wants China's market share to secure the future of CUDA in the region

As of right now, there are no arrests reported, though German and Canadian authorities reportedly have their eyes on potential targets, namely a 15-year-old from Germany, and a Canadian 22-year-old who is presumed to be the infamous Kimwolf operator, alias "Dort".

The bulk of those infected devices belong to the rather large Aisuru and Kimwolf botnets, both of which were in the news recently due to the scale of the DDoS attacks performed through them. Notably but not exclusively, the largest attack was performed pretty recently in late January, smashing worldwide records at a record 31.4 Tb/s, enough bandwidth to take entire countries offline.

The Aisuru botnet primarily targets networking and adjacent gear, such as home and office routers, IP cameras, Wi-Fi access points, and gateways. Kimwolf's favorite nourishment, meanwhile, is Android-based streaming devices such as TV boxes, Smart TVs, Android tablets, and digital photo frames. Many of these devices come with the Android debugging mode wide enabled from the factory, and sometimes with preinstalled exploitable firmware, namely on cheap, no-name IPTV piracy set-top boxes.

The DoJ says that Aisuru was responsible for about 200,000 DDoS attacks, while Kimwolf scored 25,000, JackSkid 90,000, and Mossad 1,000. Some of those attacks made the bold move of striking at IP ranges owned by the US DoD.