Authorities from the U.S., Canada, and Germany dismantled four IoT botnets (Aisuru, Kimwolf, JackSkid, and Mossad) that compromised over three million IoT devices. These botnets launched hundreds of thousands of DDoS attacks, including against the Department of Defense, and extorted victims for tens of thousands of dollars.
Initial Access
IoT Device Compromise
confirmed
Threat actors exploited vulnerabilities in Internet of Things (IoT) devices like routers and web cameras to gain unauthorized access, compromising over three million devices. Kimwolf introduced a novel spreading mechanism to infect devices behind internal networks.
Defender cut points
- Implement robust vulnerability management for IoT devices
- Ensure default credentials are changed on all IoT devices
- Segment IoT networks to limit lateral movement
- Apply security updates and patches to IoT devices promptly