US, Germany, Canada Disrupt Botnets That Infected Millions Of Devices

RunWithRugs · 2026-03-21T20:24:12+00:00

Law enforcement in the U.S., Germany, and Canada dismantled four major botnets, targeting over 3 million devices. The botnets launched DDoS attacks, affecting Department of Defense sites. Two suspected administrators were identified, leading to significant seizures of evidence and cryptocurrencies.

RunWithRugs

2026-03-21 20:24:12

Abstract generation in progress

(MENAFN- Live Mint) By Maria Tsvetkova

NEW YORK, March 20 (Reuters) - Law enforcement agencies in the United States, Germany and Canada have carried out an operation to take down infrastructure used by four major botnets that infected more than 3 million devices worldwide.

The U.S. Department of Justice said in a statement on Thursday the malicious networks - Aisuru, KimWolf, JackSkid and Mossad - were used to launch distributed denial-of-service (DDoS) attacks, with some Department of Defense websites among the targets.

German police said on Friday law enforcement agencies had identified two suspected administrators of the botnets who will now face legal consequences.

“Searches were conducted at their residences in Germany and Canada, and extensive evidence was seized,” it said in a statement. “In addition to numerous data storage devices, cryptocurrencies worth tens of thousands of dollars were also confiscated.”

Most infected devices were part of the so-called Internet of Things, or web-connected appliances like webcams, digital video recorders, or Wi-Fi routers, according to the U.S. DOJ.

Operators of the botnets carried out hundreds of thousands of DDoS attacks, targeting computers and servers around the world, including IP addresses owned by the Department of Defense Information Network. In some cases, they demanded payments from their victims, according to the statement.

German police said devices could be compromised without the knowledge of their owners, and those with no security updates or weak passwords were especially at risk.

“Furthermore, resources of the Kimwolf botnet were rented out as a so-called residential proxy network. This allowed third parties to use the infected devices as an anonymization layer for a fee, without the knowledge of the actual owner,” police said.

"Today’s disruption of four powerful botnets highlights our commitment to eliminate emerging cyber threats to the Department of Defense and its warfighters,” said Kenneth DeChellis, a special agent in charge at the Department of Defense Investigative Service.

The DOJ statement listed nearly two dozen major tech companies that helped the operation, including Amazon Web Services, Google, PayPal and Nokia, and the PowerOff team of the European Union’s law enforcement agency, Europol, whose operation against cybercriminals focusing on DDoS attacks has been running since 2017.

(Reporting by Maria Tsvetkova and Matthias Williams; Editing by Thomas Derpinghaus and Andrei Khalip)

MENAFN20032026007365015876ID1110889359

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

1 Likes