US Justice Department Disrupts Four Major Botnets That Infected Over 3 Million Devices

US Justice Department Disrupts Major Cybercriminal Botnet Network

The United States Justice Department has announced a significant operation to dismantle a sophisticated network of cybercriminal botnets that were responsible for infecting more than three million devices across the globe. This coordinated action targeted four distinct botnets—Aisuru, KimWolf, JackSkid, and Mossad—which were actively used to launch widespread Distributed Denial of Service (DDoS) attacks and extortion campaigns.

Operation Targets Command and Control Infrastructure

According to official statements, the operation focused on shutting down the critical command and control infrastructure that powered these malicious botnets. Authorities successfully seized multiple U.S.-based domains and servers directly linked to the cybercriminal activities. The Defense Criminal Investigative Service (DCIS) led the initiative with substantial support from the Federal Bureau of Investigation (FBI).

The botnets were also implicated in attacks targeting systems connected to the Department of Defense, highlighting the severe threat they posed to national security and critical internet infrastructure.

Millions of IoT Devices Compromised

Court documents reveal that the four botnets collectively infected over three million devices worldwide, with hundreds of thousands located within the United States. The majority of the compromised devices were Internet of Things (IoT) products, including:

  • Digital video recorders
  • Web cameras
  • WiFi routers

"The KimWolf and JackSkid botnets are accused of targeting and infecting devices which are traditionally 'firewalled' from the rest of the internet. The infected devices were enslaved by the botnet operators," the Justice Department emphasized in its official release.

Large-Scale Cyberattacks and Financial Impact

The infected devices were remotely controlled by cybercriminals to execute hundreds of thousands of DDoS attacks, some peaking at traffic rates of up to 30 terabits per second. The number of attack commands issued through each botnet was:

  1. Aisuru botnet: Over 200,000 DDoS attack commands
  2. KimWolf botnet: More than 25,000 DDoS attack commands
  3. JackSkid botnet: Over 90,000 DDoS attack commands
  4. Mossad botnet: More than 1,000 DDoS attack commands

Numerous victims reported substantial financial losses and incurred significant costs associated with mitigating and repairing the damage caused by these relentless cyberattacks.

International Coordination and Law Enforcement Response

The operation was conducted in close collaboration with law enforcement agencies in Germany and Canada, underscoring the global nature of cybercrime. U.S. Attorney Michael J. Heyman stated, "The United States is steadfast in our commitment to safeguarding critical internet infrastructure and fighting the cybercriminals who jeopardize its security."

DCIS Special Agent Kenneth DeChellis added, "Cybercriminals infiltrate infrastructure beyond physical borders and DCIS participates in international operations to help safeguard the Department’s global footprint." FBI Special Agent Rebecca Day reinforced this sentiment, noting, "This operation reflects the strength of that collaboration and our shared commitment to combatting cybercrime and protecting victims worldwide."

The Justice Department confirmed that this decisive action aims to prevent further attacks and halt the ongoing spread of infections, marking a critical step in enhancing global cybersecurity defenses.
