📢 Dismantling of the Kimwolf botnet: 26,000 DDoS attacks via compromised residential proxies
📝 ## 🗞️ Context

Article published on 2 April 2026 by the Wall Street Journal, recounting the investigation that led to the...
📖 cyberveille : https://cyberveille.ch/posts/2026-04-04-demantelement-du-botnet-kimwolf-26-000-attaques-ddos-via-des-proxies-residentiels-compromis/
🌐 source : https://www.wsj.com/tech/kimwolf-hack-residential-proxy-networks-a712ab59
#Android #DDoS #Cyberveille

🗞️ Context

Article published on 2 April 2026 by the Wall Street Journal, recounting the investigation that led to the dismantling of the Kimwolf botnet, one of the most powerful ever observed on the internet. The US federal law-enforcement operation was announced on 19 March 2026.

🎯 The Kimwolf botnet

Kimwolf is a DDoS-as-a-service botnet that launched more than 26,000 DDoS attacks targeting more than 8,000 victims. At its peak, it comprised about 2 million compromised devices, with tens of thousands of new devices added daily. The operators spent about 30,000 dollars per month on command-and-control servers.

CyberVeille

Our servers have been attacked by large corporations (it's very easy to actually guess the names). Initial report is written by one of our webmasters on LinkedIn: https://www.linkedin.com/posts/codingthunder_openai-share-7446088418696278016-ELwc?utm_source=share&utm_medium=member_desktop&rcm=ACoAADMaVGQBMie9fjqAkNXeVEioLRp8xlgIrDY

#ddos #termux #android #openai #ai #aislop

I wanna apologize for sending an external link to LinkedIn, but I just don't have the bandwidth to rewrite it here with formatting after spending a considerable time yesterday fixing the wiki while I should have been sleeping.

#openai | Yaksh Bariya

I'm not sure how long this "AI bubble" is going to last, but as a webmaster I'm now very tired of OpenAI, ByteDance, and other AI companies absolutely wreaking chaos on the public internet. Their crawlers don't give a shit about how many requests they make in a second. Yesterday it has come to my attention that #openai's crawlers have moved from using the "OpenAI" string in their user agent to an "Intel MacOS" user agent to bypass people trying to protect their sites from rampant crawling. The server running MediaWiki for wiki.termux.dev was hit from 27k+ IP addresses in the past 12-hour window, all coming from different IP ranges. Also, what's surprising is that ByteDance IP ranges changed the user agent string at the same time as OpenAI's crawlers. This can't be a coincidence, but it seems like the entire AI industry is run by a bunch of people who don't want to be responsible for their actions and want to make money off of blatant scraping and forcing a lot of small community sites and forums to shut down. It is surely not a coincidence that we started receiving bot requests from both ByteDance's crawlers and OpenAI's with the same user agent? Also, a good chunk of these requests are coming from residential IPs. It is very likely that a bunch of ISPs are either giving their residential IPs to these AI companies, or they have resorted to buying residential connections for large-scale scraping. Generally, DDoS from residential IP ranges means that the attack is carried out by some script kiddie or some wannabe "cool hacker" who is operating a botnet and wants to demonstrate the scale of their attack to potential clients. There are also a lot of requests which seem to be coming from no-name ASNs which have no information available publicly about what they do. Which is too fishy for such a large number of requests. This is not the full report, I'm planning to do a full report about this soon.
Just wanted to rant out my frustration with me spending around 2-3 hours yesterday when I should be sleeping just because some people don't believe in the collective good use of internet bandwidth. I'm pretty sure there are a lot of other people as well who are dealing with this nonsense of AI crawlers.

LinkedIn

Attack traffic yesterday, today, tomorrow: on current realities and DDoS challenges

We present our own DDoS attack statistics for 2025 and the first quarter of 2026, and through that lens reflect on the evolution of DDoS as a phenomenon overall.

https://habr.com/ru/companies/ddosguard/articles/1018462/

#ddos #ddosguard #защита_от_ddos #ботнет #aisuru #эволюция_ddos #тренды_ddos #статистика_ddos_2025 #статистика_ddos_2026 #модель_osi

Habr

Breakdown by country: Mexico, United States, and Singapore are at the top. Traffic is fairly distributed. What do you think?

#webdev #websecurity #ddos #buildinpublic

Mindfulness program for burned-out servers

Preventive measures are meant to protect servers from stress-induced crashes.

#scraping #DDoS #KI #Hamsterrad #Linux

https://gnulinux.ch/achtsamkeits-programm-fuer-ausgebrannte-server

GNU/Linux.ch

F5 BIG-IP APM vulnerability (CVE-2025-53521) escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately.

Read: https://hackread.com/critical-f5-big-ip-flaw-upgrad-to-9-8-rce-exploited/

#CyberSecurity #F5 #Vulnerability #DDoS #RCE

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

Hackread - Cybersecurity News, Data Breaches, AI and More

📢 Technical analysis of Mirai-based botnets: Aisuru, KimWolf, Satori and takedown operations
📝 ## 🌐 Context

Published on 30 March 2026 by Pulsedive Threat Research, this...
📖 cyberveille : https://cyberveille.ch/posts/2026-03-30-analyse-technique-des-botnets-bases-sur-mirai-aisuru-kimwolf-satori-et-operations-de-demantelement/
🌐 source : https://blog.pulsedive.com/the-operations-of-the-swarm-inside-the-complex-world-of-mirai-based-botnets/
#Aisuru #DDoS #Cyberveille

🌐 Context

Published on 30 March 2026 by Pulsedive Threat Research, this article is a technical primer on the ecosystem of modern Mirai-based botnets, with a focus on the Aisuru, KimWolf and Satori families, as well as on the takedown actions carried out by the US DOJ on 19 March 2026.

📈 General trends

Spamhaus recorded a 24% increase in botnet C2 servers over the July-December 2025 period compared with the previous half-year, and a 26% increase over January-June 2025. The United States overtook China as the country hosting the most C2 servers, a position China had held since the third quarter of 2023.

CyberVeille

I'd guess FreeBSD's infrastructure is under attack. mailing list manager is super slow, forums have been defaced, what else is going on?

also, no official channel has acknowledged this yet?

tagging @FreeBSDFoundation for lack of a better profile

#freebsd #ddos #cybersecurity #hacking

@davidpwhelan This case feels like a "teething trouble" that might never truly be cured. But my main concern is the legal systemic impact: as these #RAG infused tools lower the barrier to entry, we will see an exponential surge in such "fragile" legal outputs. How will the legal system handle this #DDos attack of automated incompetence? Are we looking at a future where the courts are paralyzed by the sheer volume of #AI generated procedural errors?

Cyber incidents in Belgium 2025: +70% reports, more ransomware damage

The Centre for Cybersecurity Belgium recorded 635 reports, around 70 percent more than in the previous year.

https://www.all-about-security.de/cybervorfaelle-in-belgien-2025-70-meldungen-mehr-ransomware-schaeden/

#cybersecurity #ransomware #ddos #exploits

The CCB recorded a sharp rise to 635 cyber incidents in 2025. Account takeovers, ransomware and DDoS remain the dominant threats.

All About Security: the online magazine for cybersecurity. Ransomware, phishing, IT security, network security, AI, threats, DDoS, identity & access, platform security