serisec

Category: Internet of Things (IoT)

  • Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

    Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named…

  • Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

    Anti-DDoS Firm Heaped Attacks on Brazilian ISPs A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a…

  • Russia Hacked Routers to Steal Microsoft Office Tokens

    Russia Hacked Routers to Steal Microsoft Office Tokens Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks…

  • Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

    Feds Disrupt IoT Botnets Behind Huge DDoS Attacks The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf,…

  • Who Operates the Badbox 2.0 Botnet?

    Who Operates the Badbox 2.0 Botnet? The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes.…

  • Kimwolf Botnet Lurking in Corporate, Govt. Networks

    Kimwolf Botnet Lurking in Corporate, Govt. Networks A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf’s ability to scan the local networks of compromised systems for other IoT…

  • Who Benefited from the Aisuru and Kimwolf Botnets?

    Who Benefited from the Aisuru and Kimwolf Botnets? Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators and services that…

  • Is Your Android TV Streaming Box Part of a Botnet?

    Is Your Android TV Streaming Box Part of a Botnet? On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around…

  • Drilling Down on Uncle Sam’s Proposed TP-Link Ban

    Drilling Down on Uncle Sam’s Proposed TP-Link Ban The U.S. government is reportedly preparing to ban the sale of wireless routers and other networking gear from TP-Link Systems, a tech company that currently enjoys an estimated 50% market share among home users and small businesses. Experts say while the proposed ban may have more to…

  • Cloudflare Scrubs Aisuru Botnet from Top Domains List

    Cloudflare Scrubs Aisuru Botnet from Top Domains List For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says…

  • Aisuru Botnet Shifts from DDoS to Residential Proxies

    Aisuru Botnet Shifts from DDoS to Residential Proxies Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic.…

  • DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

    DDoS Botnet Aisuru Blankets US ISPs in Record DDoS The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating…

  • DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

    DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they’d made with company called DSLRoot, which was paying $250 a month to plug a pair of laptops into the Redditor’s…

  • KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

    KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet…