Jacob Butler, operating the Kimwolf DDoS botnet (a variant of AISURU), was arrested in Canada for orchestrating DDoS-for-hire attacks. The botnet enslaved IoT devices like digital photo frames and web cameras, using them to launch over 25,000 attack commands against various targets, including Department of Defense Information Network (DoDIN) IP addresses.
Initial Access
IoT Device Enslavement
confirmed
The Kimwolf botnet infected devices traditionally 'firewalled' from the internet, such as digital photo frames and web cameras, enslaving them into the botnet.
Defender cut points
Secure IoT devices with strong, unique passwords and regular firmware updatesSegment IoT networks to restrict internet exposure and isolate vulnerable devices
