The U.S. Department of Justice, in collaboration with federal agencies and international partners, has dismantled a cybercriminal network responsible for operating some of the world's largest botnets. These networks were used to launch massive assaults on digital infrastructure.
An official statement revealed that a court-authorized operation successfully disrupted the command and control (C2) infrastructure of four botnets, named Aisuru, KimWolf, JackSkid, and Mossad. These entities orchestrated global distributed denial-of-service (DDoS) attacks.
Authorities report that these networks infected over three million devices worldwide, including cameras, digital recorders, and WiFi routers.
The cybercriminals remotely managed many of these devices, using them to execute coordinated strikes on servers and computer systems.
Some attacks reached unprecedented levels, peaking at up to 30 terabits per second, marking them among the largest recorded to date.
The illicit activities resulted in substantial economic losses for victims, alongside disruptions in digital services.
The operation was synchronized with actions in Canada and Germany, where authorities targeted suspected operators of these botnets.
In the U.S., domains, virtual servers, and other infrastructure linked to the criminal activities were seized, including attacks aimed at Department of Defense networks.
Investigations uncovered that the perpetrators operated under a "cybercrime as a service" model, selling access to infected devices so other criminals could launch attacks or extort victims.
Michael J. Heyman, the U.S. Attorney for the District of Alaska, emphasized the critical role of international cooperation in tackling these threats.
Meanwhile, the FBI highlighted that the operation underscores a unified commitment to safeguarding digital infrastructure and combating cybercrime on a global scale.
The operation also involved multiple agencies and tech companies, significantly weakening the ability of these networks to carry on their illegal activities.
Understanding the Global Impact of Cybercrime Networks
What are botnets and how do they pose a threat?
Botnets are networks of compromised devices controlled by cybercriminals to conduct malicious activities, such as DDoS attacks, which can disrupt services and cause significant financial harm.
How significant was the impact of the dismantled botnets?
The dismantled botnets were responsible for some of the largest DDoS attacks ever recorded, affecting millions of devices and leading to considerable disruptions and financial losses.
What role did international cooperation play in this operation?
International cooperation was crucial, allowing for coordinated actions across borders, which led to the successful disruption of the botnets' operations and the capture of key operators.