Investigators said Friday they worked with partners in the United States and Canada to shut down infrastructure tied to two large botnets known as Aisuru and Kimwolf.
The botnets, made up of millions of infected internet-connected devices, were used to conduct large-scale distributed denial-of-service (DDoS) attacks capable of overwhelming websites and online services. Authorities said the networks posed a significant threat to IT infrastructure because of their size and attack capacity.
Germany’s Central Office for Combating Cybercrime in North Rhine-Westphalia (ZAC NRW) and the Federal Criminal Police Office (BKA) said they dismantled technical infrastructure belonging to the botnets worldwide. Investigators identified two suspected administrators and carried out searches in Germany and Canada, seizing extensive evidence including data storage devices and cryptocurrencies valued at tens of thousands of euros.
Aisuru is believed to have relied mainly on compromised Internet of Things (IoT) devices such as routers and webcams, while Kimwolf primarily used infected Android TV boxes. Kimwolf was also rented out to other hackers, enabling attackers to make malicious traffic appear to originate from ordinary household devices.
Botnets form when hackers infect vulnerable internet-connected devices—smart TVs, routers, webcams, set-top boxes—with malware. Once compromised, these devices can be controlled remotely and instructed to send large volumes of traffic to a target. In a DDoS attack, thousands or millions of such devices simultaneously flood a website or server, overwhelming it and forcing services offline.
Experts warn that devices with weak passwords, outdated software, or unpatched security flaws are particularly susceptible to becoming part of botnets. Regularly updating firmware, using strong passwords, and securing home networks can reduce the risk of devices being hijacked.
Edited by: Kieran Burke