The U.S This article explores investigation botnets launched. . Department of Justice (DoJ) said on Thursday that they had shut down the command-and-control (C2) infrastructure used by several Internet of Things (IoT) botnets, including AISURU, Kimwolf, JackSkid, and Mossad.
This was part of a law enforcement operation approved by a court. The investigation also involved Canadian and German authorities going after the people who run these botnets. Many private companies, such as Akamai, Amazon Web Services, Cloudflare, DigitalOcean, Google, Lumen, Nokia, Okta, Oracle, PayPal, SpyCloud, Synthient, Team Cymru, Unit 221B, and QiAnXin XLab, helped with the investigation. "The four botnets launched distributed denial-of-service (DDoS) attacks targeting victims around the world," the DoJ said.
"Some of these attacks were record-breaking, with speeds of about 30 Terabits per second." Cloudflare said in a report last month that AISURU/Kimwolf was responsible for a huge 31.4 Tbps DDoS attack that happened in November 2025 and only lasted 35 seconds. "The second problem was that a lot of new botnets started to copy the method of using the flaw to get very big very quickly."
XLab told the publication that it gave them sample hashes, decrypted C2 configurations, and screenshots of DDoS attacks as proof. Akamai said that the hyper-volumetric botnets caused attacks that were more than 30 Tbps, 14 billion packets per second, and 300 Mrps. They also said that cybercriminals used these botnets to launch hundreds of thousands of attacks and, in some cases, demand money from victims.
The web infrastructure company said, "These attacks can take down important parts of the internet, make ISPs' services much worse for their customers, and even overload cloud-based mitigation services that can handle a lot of traffic."
