US Departments of Justice and Defense crush four massive botnets totaling 3,000,000 devices — botnets responsible for a combined 316,000 DDoS attacks globally

...

for the time being, at least.

Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.

The U.S.

Department of Justice (DoJ) and its network of partners are on quite a roll lately, scoring the third botnet takedown in this calendar month alone.

Not content with putting a stake through the hearts of LeakBase and SocksEscort , the DoJ brought offline the combination of networks known as Aisuru, Kimwolf, JackSkid, and Mossad.

The operation took out the command-and-control servers for a total of 3 million devices and had the help of the U.S.

Department of Defense, Canada, Germany, and a group of major internet connectivity players, including Akamai, Amazon , and Cloudflare.

The Defense Criminal Investigative Service seized multiple domains, virtual servers, and "other infrastructure."
As of right now, there are no arrests reported, though German and Canadian authorities reportedly have their eyes on potential targets, namely a 15-year-old from Germany , and a Canadian 22-year-old who is presumed to be the infamous Kimwolf operator, alias "Dort" .

The bulk of those infected devices belong to the rather large Aisuru and Kimwolf botnets, both of which were in the news recently due to the scale of the DDoS attacks performed through them.

Notably but not exclusively, the largest attack was performed pretty recently in late January, smashing worldwide records at a record 31.4 Tb/s, enough bandwidth to take entire countries offline.

The DoJ says that Aisuru was responsible for about 200,000 DDoS attacks, while Kimwolf scored 25,000, JackSkid 90,000, and Mossad 1,000.

Some of those attacks made the bold move of striking at IP ranges owned by the US DoD.

Follow Tom's Hardware on Google News , or add us as a preferred source , to get our latest news, analysis, & reviews in your feeds.

Bruno Ferreira is a contributing writer for Tom's Hardware.

He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer.

He's obsessed with detail and has a tendency to ramble on the topics he loves.

When not doing that, he's usually playing games, or at live music shows and festivals.

TechieTwo said: And to think 99% of this is preventable if folks would just change the default password for their modem, router, etc.

Some people really are dangerous to society.

:(
COLGeek said: I don't think it works that way, even with an ISP provided router.

The update firmware function happens on the user side of the router.

That function is independent from the ISP's management of other devices.

Hotrod2go said: An ISP here in Australia can update the firmware without any end user interaction.