top of page
ALL POSTS
Operation PowerOFF: 75,000 DDoS-for-Hire Service Users Identified and Warned
Key Findings Law enforcement from 21 countries completed a major crackdown on DDoS-for-hire services on April 13, 2026, resulting in 4 arrests and seizure of 53 web domains Over 75,000 warning letters and emails were sent to users of illegal DDoS services, targeting young people and hobbyists Authorities identified details on more than 3 million criminal user accounts during the investigation Operation PowerOFF deployed innovative enforcement tactics including Google ads and
Apr 192 min read
Operation PowerOFF Takes Down 53 DDoS Domains, Reveals 3 Million Criminal Accounts
Key Findings 53 DDoS-for-hire domains seized across 21 countries in coordinated operation Four suspects arrested in connection with commercial DDoS services Databases containing over 3 million criminal user accounts accessed More than 75,000 cybercriminals identified and warned via email and letters 25 search warrants issued as part of ongoing investigation Operation PowerOFF demonstrates escalating law enforcement focus on dismantling DDoS infrastructure Background Operation
Apr 173 min read
Hacker Deploys LLM-Powered AI To Attack FortiGate Devices Across 55 Countries
Key Findings: A Russian-speaking threat actor compromised over 600 FortiGate firewalls across 55 countries in just 5 weeks The attacker systematically used generative AI and large language models (LLMs) to write tools and plan follow-on actions inside victim networks The campaign did not rely on zero-day vulnerabilities, instead targeting publicly accessible admin panels and VPN portals protected by weak credentials Stolen FortiGate configurations provided detailed informatio
Mar 32 min read
Largest DDoS Attack in History Stopped by Cloudflare
Key Findings The AISURU/Kimwolf botnet hit a record-breaking 31.4 Tbps DDoS attack that lasted just 35 seconds in November 2025. Cloudflare automatically detected and blocked the attack as part of a surge in hyper-volumetric HTTP DDoS attacks observed in late 2025. The number and size of DDoS attacks increased significantly in 2025, with a 40% rise in hyper-volumetric attacks in Q4 2025 compared to the previous quarter. The largest attacks targeted Cloudflare customers in the
Feb 73 min read
Aisuru/Kimwolf Botnet Sets New Global DDoS Record With 31.4 Tbps
Key Findings The Aisuru/Kimwolf botnet launched a record-setting DDoS attack that peaked at 31.4 Tbps and 200 million requests per second. The attack was part of a broader campaign targeting multiple organizations, primarily in the telecommunications and IT sectors. Cloudflare automatically detected and mitigated the attack, which they dubbed "The Night Before Christmas" due to its timing in late December 2025. The Aisuru/Kimwolf botnet is a large-scale network of malware-inf
Feb 52 min read
Kimwolf Android Botnet Infects Over 2 Million Devices
Key Findings The Kimwolf Android botnet has infected over 2 million devices, primarily through the exploitation of residential proxy networks. The botnet primarily targets low-cost, unofficial Android TV boxes that are left insecure or intentionally configured as proxy nodes. Kimwolf is believed to be an Android variant of the AISURU botnet, with connections to a series of record-setting DDoS attacks. The botnet uses a scanning infrastructure that leverages residential proxie
Jan 52 min read
Kimwolf Android Botnet Infects Millions, Launches DDoS Attacks
Key Findings The Kimwolf Android botnet has infected over 1.8 million devices globally, primarily targeting TV boxes It uses advanced techniques like DNS over TLS, elliptic curve digital signatures, and blockchain domains to evade detection The botnet is capable of massive DDoS attacks, issuing over 1.7 billion commands in a three-day period Kimwolf shares code with the Aisuru botnet family but has been heavily redesigned to avoid detection Background The Kimwolf botnet was f
Dec 21, 20252 min read
Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2027
Key Findings DDoS attacks will increasingly be used as diversion tactics to draw attention away from more damaging activities API-first architectures will increase exposure to misconfigurations and business logic abuse Integrated WAAP platforms will overtake fragmented web security architectures AI-driven DDoS mitigation will become essential against hyper-scale attacks Regulatory pressure will intensify as cybersecurity oversight expands across Europe Background Cybersecurit
Dec 16, 20253 min read
Aisuru Botnet Sets New Record with 29.7 Tbps DDoS Attack
Key Findings Cloudflare mitigated the largest ever distributed denial-of-service (DDoS) attack, measuring 29.7 terabits per second (Tbps) The attack originated from the AISURU DDoS botnet-for-hire, which has been linked to numerous high-volume DDoS attacks over the past year The 69-second attack did not disclose the target, but AISURU has targeted telecommunication providers, gaming companies, hosting providers, and financial services AISURU is believed to be powered by a mas
Dec 4, 20252 min read
Microsoft Blocks Massive 15.72 Tbps DDoS Attack from AISURU Botnet
Key Findings Microsoft disclosed that it automatically detected and mitigated a 15.72 Tbps DDoS attack, the largest ever observed in the cloud, targeting a single endpoint in Australia. The attack originated from the AISURU botnet, a Mirai-class IoT botnet powered by nearly 300,000 infected devices, mainly routers, security cameras, and DVR systems. The attack involved massive UDP floods from over 500,000 source IPs across various regions, with minimal spoofing and random sou
Nov 18, 20252 min read
bottom of page
