Global Law Enforcement Cracks Down on IoT Botnets Behind Record DDoS Assaults

On Jan 2 2026, the U.S. Justice Department, in concert with agencies in Canada and Germany, executed a sweeping takedown of the online infrastructure powering four notorious IoT botnets—Aisuru, Kimwolf, JackSkid and Mossad.

IoT Botnets Disrupted in Coordinated International Sweep

The operation, led by the Department of Defense Office of Inspector General’s Defense Criminal Investigative Service, seized dozens of U.S.-registered domains, virtual servers and command‑and‑control nodes linked to massive distributed denial‑of‑service campaigns that threatened to overwhelm critical online services. Law‑enforcement officials say the botnets generated ↓ 1,000 attack bursts daily, extorting victims for tens of thousands of dollars. Aisuru alone issued more than ↑ 200,000 commands before being repurposed to seed Kimwolf, a variant that slipped past internal network defenses. JackSkid and Mossad contributed roughly 90,000 and 1,000 assaults respectively, while Kimwolf added another 25,000. The FBI’s Anchorage field office, alongside the FBI’s cyber‑crime unit, worked with the Reuters-cited tech partners to map the botnet architecture.

“Our joint effort crippled the malicious infrastructure and will stop further infection of vulnerable devices,”

said Special Agent Rebecca Day. Victims, ranging from corporate web portals to government sites, reported losses in the low‑five‑figure range and costly remediation. The investigation, still unfolding, has identified a 22‑year‑old Canadian and a 15‑year‑old German as prime suspects, though authorities have not disclosed further details. Continued vigilance by manufacturers and users is urged to patch the firmware flaws that the botnets exploited.

Reported by: Kaelen Frost

Lead Cybersecurity Analyst