US DoJ Disrupts Massive IoT Botnets Fueling Record 31.4 Tbps DDoS Attacks Worldwide

The US Department of Justice, with international partners, has dismantled command infrastructure for four IoT botnets AISURU, Kimwolf, JackSkid, and Mossad that powered unprecedented DDoS attacks up to 31.4 Tbps, infecting over 3 million devices.

Friday, March 20, 2026 | Washington, DC Washington, DC: In a landmark operation, the US Department of Justice (DoJ) announced the disruption of command-and-control (C2) servers powering four notorious IoT botnets: AISURU, Kimwolf, JackSkid, and Mossad. These networks, which enslaved over 3 million devices globally including digital video recorders, webcams, Wi-Fi routers, and off-brand Android TVs unleashed record-breaking distributed denial-of-service (DDoS) attacks reaching 31.4 terabits per second (Tbps).

Authorities from Canada and Germany collaborated, supported by tech giants like Akamai, AWS, Cloudflare, Google, and others. The botnets issued hundreds of thousands of attack commands: over 200,000 from AISURU, 25,000 from Kimwolf, 90,000 from JackSkid, and 1,000 from Mossad. Many targeted firewalled home devices via residential proxies, enabling hyper-volumetric assaults averaging 3 billion packets per second, 4 Tbps, and 54 million requests per second.

Cloudflare linked Kimwolf to a November 2025 attack lasting just 35 seconds but crippling infrastructure. Independent reports identified suspects including a 23-year-old Canadian, Jacob Butler (aka Dort), and a 15-year-old in Germany, though no arrests were confirmed. Operators sold botnet access as “cybercrime-as-a-service,” extorting victims and overwhelming ISPs, cloud services, and core internet backbone.

“This represents a shift in botnet tactics, infiltrating protected home networks through IoT vulnerabilities,” noted AWS VP Tom Scholl. Akamai highlighted attacks exceeding 30 Tbps and 14 billion packets per second, used for extortion and service disruption. The operation, court-authorized, neutralized threats to global connectivity. Hundreds of thousands of infected US devices underscore the urgency of IoT security amid rising DDoS sophistication. Central Railway’s ongoing vigilance prevents similar digital disruptions in critical infrastructure

Follow us On Our Social media Handles :
Instagram
Youtube
Facebook
Twitter

Also Read- Pune