Microsoft Azure: US and friends disrupt world's largest DDoS botnet responsible for record 31.4 Tbps global attacks

Global Law Enforcement Disrupts Four Major DDoS Botnets, Including Record-Breaking 31.4 Tbps Attack

An international operation led by the U.S., Canada, and Germany has dismantled four large-scale botnets responsible for some of the most powerful distributed denial-of-service (DDoS) attacks in history. The coordinated effort targeted the command-and-control (C2) infrastructure, virtual servers, and domains used to compromise over 3 million IoT devices worldwide.

The botnets Aisuru, KimWolf, JackSkid, and Mossad were linked to record-breaking attacks, including a 31.4 Tbps DDoS assault, one of the largest ever recorded. The Aisuru botnet alone was behind a 15.72 Tbps attack on Microsoft Azure, while KimWolf infected 1.8 million Android-based smart TVs and media devices. JackSkid executed over 90,000 DDoS attack commands, and Mossad launched more than 1,000.

The operation, conducted simultaneously across multiple jurisdictions, focused on disrupting the infrastructure powering these botnets, which primarily exploited unpatched IoT devices like Wi-Fi routers, digital video recorders, and web cameras. Many of these devices lack regular security updates, making them vulnerable to hijacking.

U.S. Attorney Michael J. Heyman emphasized the significance of the collaboration, stating that the effort aimed to protect critical internet infrastructure and hold cybercriminals accountable, regardless of their location. The takedown marks a major victory against DDoS-for-hire services, which have increasingly relied on large-scale botnets to overwhelm targets.

Source: https://www.techradar.com/pro/security/us-and-friends-disrupt-worlds-largest-ddos-botnet-responsible-for-record-31-4-tbps-global-attacks

Microsoft cybersecurity rating report: https://www.rankiteo.com/company/microsoft

"id": "MIC1774016681",
"linkid": "microsoft",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Technology',
                        'name': 'Microsoft Azure',
                        'type': 'Cloud Service Provider'}],
 'attack_vector': 'Botnets (IoT devices)',
 'description': 'An international operation led by the U.S., Canada, and '
                'Germany has dismantled four large-scale botnets responsible '
                'for some of the most powerful distributed denial-of-service '
                '(DDoS) attacks in history. The coordinated effort targeted '
                'the command-and-control (C2) infrastructure, virtual servers, '
                'and domains used to compromise over 3 million IoT devices '
                'worldwide.',
 'impact': {'operational_impact': 'Disruption of critical internet '
                                  'infrastructure',
            'systems_affected': 'Over 3 million IoT devices worldwide'},
 'investigation_status': 'Disrupted',
 'post_incident_analysis': {'corrective_actions': 'Disruption of botnet '
                                                  'infrastructure',
                            'root_causes': 'Exploitation of unpatched IoT '
                                           'devices'},
 'references': [{'source': 'U.S. Attorney Michael J. Heyman'}],
 'response': {'containment_measures': 'Disruption of command-and-control (C2) '
                                      'infrastructure, virtual servers, and '
                                      'domains',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'Law enforcement (U.S., Canada, '
                                        'Germany)'},
 'title': 'Global Law Enforcement Disrupts Four Major DDoS Botnets, Including '
          'Record-Breaking 31.4 Tbps Attack',
 'type': 'DDoS',
 'vulnerability_exploited': 'Unpatched IoT devices (Wi-Fi routers, digital '
                            'video recorders, web cameras)'}