Logo
News Ababil
Explore
SYS_NODE: ONLINE // Cyber Security

Kimwolf Botnet Master Arrested: Cross‑Border Hack Charges Loom

DECRYPTED BY: Kaelen Frost | TIMESTAMP: 2026-05-22 T 00:37:31 Z | [ 2 MIN READ ]
Kimwolf Botnet Master Arrested: Cross‑Border Hack Charges Loom
2 Min Read
Share

Kimwolf botnet Arrest Sparks International Cyber‑Security Crackdown

Canadian police detained 23‑year‑old Jacob Butler, known online as “Dort”, after a U.S. warrant demanded his extradition. The suspect is accused of building and running the Kimwolf botnet, which hijacked millions of IoT devices—digital photo frames, webcams and other “firewalled” gear—to launch record‑breaking DDoS assaults.

Kimwolf botnet Attack Scale

Law‑enforcement analysts measured the botnet’s traffic at ↑ 30 Tbps, a historic peak that overwhelmed targets ranging from commercial sites to U.S. Department of Defense address blocks. Victims reported losses exceeding ↓ $1,000,000 each.

The Justice Department’s unsealed complaint, filed in an Alaska federal court, links Butler to over 25,000 attack commands issued between October 2025 and March 2026. Authorities say the botnet rented compromised devices to other cybercriminals, magnifying the threat.

“Kimwolf was tied to DDoS attacks that shattered previous volume records,” the DOJ statement read.

On March 19, an Reuters‑reported operation seized the technical backbone of Kimwolf alongside three rival botnets—Aisuru, JackSkid and Mossad. The coordinated takedown involved the FBI’s Anchorage field office and the DoD’s Defense Criminal Investigative Service.

Butler’s online footprint was pieced together from IP logs, forum registrations and messaging app records, a process highlighted by security blogger Brian Krebs earlier this year. Despite the exposure, the hacker continued to threaten researchers, even orchestrating swatting attacks against Synthient founder Ben Brundage.

“Hopefully this will end the harassment,” Brundage told Bloomberg after the arrest.

The Ontario Provincial Police executed a search warrant at Butler’s Ottawa residence on March 19, confiscating several computers and storage devices. He now faces Canadian charges of unauthorized computer use, possession of a device for illicit access, and mischief related to computer data, with a bail hearing set for early May.

In the United States, Butler is charged with one count of aiding and abetting computer intrusion. If extradited and convicted, he could face up to ten years behind bars, though sentencing guidelines may consider his youth and lack of prior offenses. The case underscores how the pandemic era’s surge in remote devices created fertile ground for IoT botnets, a trend investigators warn will persist.


Words by: Kaelen Frost

Lead Cybersecurity Analyst

Global Data Feed

More from this Intel

Scattered Spider hackers plead guilty on first day of trial, UK courts set sentencing

Scattered Spider hackers plead guilty on first day of trial,...

Jul 05, 2026
U.S. Government Pays Kairos Data Theft Ransom of $1 Million

U.S. Government Pays Kairos Data Theft Ransom of $1 Million

Jul 04, 2026
FBI Seizes NetNut Proxy Network Linked to Popa Botnet, Shutting Down Millions of Devices

FBI Seizes NetNut Proxy Network Linked to Popa Botnet, Shutting...

Jul 04, 2026
FatFs vulnerabilities expose millions of embedded devices to attack

FatFs vulnerabilities expose millions of embedded devices to attack

Jul 04, 2026
NetNut proxy network crippled: Google‑led strike cuts off 2 million devices

NetNut proxy network crippled: Google‑led strike cuts off 2 million devices

Jul 04, 2026
Australia’s Cybercrime Risk Declines, but SMBs Shoulder New Burden

Australia’s Cybercrime Risk Declines, but SMBs Shoulder New Burden

Jul 03, 2026

Join The Elite

Get the top 0.1% global intelligence and market insights delivered directly to your inbox before the masses.

We respect your privacy. No spam.