IoT Botnet Takedown: Millions of Devices Hijacked

⏱ 3 min read

Anchorage, AK – A coordinated takedown by federal authorities in Alaska, Canada and Germany just gutted four of the world’s largest IoT botnets, used to unleash crippling DDoS attacks globally. The operation, executed today, targeted the infrastructure behind Aisuru, KimWolf, JackSkid, and Mossad – networks that hijacked millions of everyday devices and weaponized them for digital mayhem.

These weren’t just garden-variety attacks. Investigators say some peaked at a staggering 30 Terabits per second – record-breaking volume, and a serious threat to online stability. The botnets specialized in turning vulnerable ‘Internet of Things’ devices – DVRs, webcams, WiFi routers – into digital drones. What made KimWolf and JackSkid particularly nasty? They specifically targeted devices normally shielded behind firewalls.

The operation, led by the Department of Defense Office of Inspector General’s DCIS, seized U.S.-registered internet domains and servers used to control the enslaved devices. The botnet bosses weren’t just launching attacks themselves; they were running a “cybercrime as a service,” renting out access to their network of compromised devices to other criminals. By March 2026, authorities estimate the networks controlled over three million devices worldwide, with hundreds of thousands inside the United States.

The attacks didn’t discriminate. Victims included entities within the Department of Defense Information Network (DoDIN), but the botnets’ reach extended far beyond, slamming computers and servers across the globe. While specific details of the individuals operating the botnets aren’t immediately public, this takedown represents a significant blow to a highly lucrative and dangerous corner of the cyber underworld.