THE U.S. Justice Department, with help from Canada and Germany, dismantled the infrastructure behind four IoT botnets that compromised more than three million devices such as routers and web cameras, in a bid to curb a wave of record-smashing DDoS attacks. The botnets—Aisuru, Kimwolf, JackSkid and Mossad—were used to launch hundreds of thousands of attacks, with some victims reporting tens of thousands of dollars in losses and remediation costs, according to the DOJ.
The oldest, Aisuru, issued more than 200,000 attack commands, while JackSkid hurled at least 90,000 commands; Kimwolf issued more than 25,000, and Mossad was blamed for roughly 1,000 digital sieges. On 2 January 2026, Synthient publicly disclosed the vulnerability Kimwolf used to propagate, a disclosure that helped curb its spread but allowed other IoT botnets to copy Kimwolf’s methods while competing for vulnerable devices.
The disruption coincided with law enforcement actions in Canada and Germany, and the DOJ credited nearly two dozen technology companies with assistance, per statements from according to the DOJ.