New report from our ERT: #Maskify.

The operator built what a Series A deck would call "decentralized edge infrastructure": ENS for service discovery, IPFS for binary distribution, a custom P2P mesh network, QUIC transport.

In practice it is a DDoS botnet running on Android TV boxes that did not opt in.

https://github.com/deepfield/public-research/blob/main/maskify/report.md

#threatintel #ddos


DDoS botnet research and indicators of compromise from Nokia Deepfield ERT - deepfield/public-research
