College Student, Cat Meme Helped Crack Massive #Botnet Case

https://it.slashdot.org/story/26/04/03/1629207/college-student-cat-meme-helped-crack-massive-botnet-case

#Kimwolf #cybersecurity #cybercrime #SocialEngineering

Weekend Reads

* Email address obfuscation in 2026
https://spencermortensen.com/articles/email-obfuscation/
* Profile of Kimwolf botnet researcher
https://www.wsj.com/tech/kimwolf-hack-residential-proxy-networks-a712ab59?st=dHJ5oe
* Quantifying AI data center heat impacts
https://arxiv.org/abs/2603.20897
* Characterizing invalid routes via Tunnels
https://arxiv.org/abs/2603.29207
* Detecting anomalous topology, routes, and congestion
https://arxiv.org/abs/2603.25875

#EMail #Kimwolf #AI #RPKI #BGP

The backstory of #Kimwolf, from our initial sightings early last year to how @synthient discovered the vuln that made that botnet possible.

https://www.wsj.com/tech/kimwolf-hack-residential-proxy-networks-a712ab59?st=3eNTjx

Bekam heute einem E-Mail vom Internetanbieter, dass sich ein Gerät bei mir angeblich Kimwolf eingefangen hat. Der verdächtige Datenverkehr soll am Freitag um 01:37 aufgetreten sein. WLAN ist bei mir nachts immer aus, alle kabelgebundenen Geräte sind per ausschaltbarer Steckdosenleiste vom Netz getrennt. Kann daher wenn dann nur der DSL-Router gewesen sein – oder es ist falscher Alarm.

Noch mehr Leute hier, die das haben und falschen Alarm vermuten?

Gerne #boost

#Kimwolf #Virus #Sicherheit

Kriege eine Warnung von meinem ISP. Um 03:37 Uhr am vergangenen Donnerstag, gab es von meiner IP Datenverkehr, der nach #kimwolf Botnetz aussah.

Ich war im Bett. Handy war über Mobilfunk verbunden. WLAN aus. Keine Geräte per Kabel am Router. Exakt zehn Minuten später erfolgte die automatische Neuverbindung.

Also entweder ist es ein Fehler, oder der Fernseher ist heimlich angegangen und hat Quatsch im Internet gemacht.

Ich finde es schwierig eine #Malware / ein #Botnet nach dem israelischen Geheimdienst #Mossad zu benennen

#Aisuru, #KimWolf & Co.: Behörden „stören“ vier gefährliche Botnets | Security https://www.heise.de/news/Aisuru-KimWolf-Co-Laenderuebergreifende-Aktion-gegen-vier-gefaehrliche-Botnets-11218668.html #DDoS #CyberCrime #JackSkid

"The collection of millions of hacked computers known as Aisuru and Kimwolf have been used to launch some of the biggest distributed denial-of-service (DDoS) attacks ever seen. Now United States law enforcement agencies have wiped both of them off the internet, along with two of the other hordes of hijacked computers—known as botnets—in a single broad takedown.

On Thursday, the US Department of Justice, working with the cybercrime-fighting agency within the US Department of Defense known as the Defense Criminal Investigative Service, announced that it had dismantled four massive botnets in a single operation, removing the command-and-control servers used to commandeer the hacker-run armies of compromised devices known by the names JackSkid, Mossad, Aisuru, and Kimwolf. Together, operators of the four botnets had amassed more than 3 million devices, the Justice Department said, and often sold access to those devices to other criminal hackers as well as using them to target victims with overwhelming floods of attack traffic to knock websites and internet services offline.

Aisuru and Kimwolf, a distinct but Aisuru-related botnet, had together comprised more than a million devices, according to DDoS defense firm Cloudflare, with Aisuru infecting a variety of devices ranging from DVRs to network appliances to webcams, and its Kimwolf offshoot infecting Android devices including smart TVs and set-top boxes."

https://www.wired.com/story/us-takes-down-botnets-used-in-record-breaking-cyberattacks/

#CyberSecurity #Botnets #DDoS #Aisuru #Kimwolf

RE: https://infosec.exchange/@jmeyer/116259050557048999

ICYMI: a story about pulling one thread linking multiple botnets — four of which were targeted by coordinated law enforcement actions this week, and an adjacent one for which our team publishes the C2 decryption scheme.

#aisuru #kimwolf #mossad #jackskid #cecilio

A day late, but I appreciate all new and regular faces that made it out last night.

I hope you all enjoy it as much as I do.

Thought I would leave some learned info:
- Death Valley had a rare flower blooming event
- Tipper is a Drum/bass music artist
- #HomeAssistant is cool

Since I don’t have twitter length restrictions, this article about my #network #security space was nice to read. It is about the #kimwolf #aisuru takedowns. A little bit like wack-a-mole but every little bit helps… I think.

https://www.justice.gov/usao-ak/pr/authorities-disrupt-worlds-largest-iot-ddos-botnets-responsible-record-breaking-attacks

Stay safe out there!