DDoS Botnet Attacks US ISPs – Krebs on Security

DDoS Botnet Attacks US ISPs – Krebs on Security

October 11, 2025 Lisa Park - Tech Editor Tech

Aisuru: A⁢ Growing IoT Botnet Poses a Major DDoS⁣ Threat

This article⁢ details the rise of ⁢ Aisuru, a⁢ massive and rapidly growing botnet comprised of ​compromised⁣ Internet of Things (IoT) devices, and ⁣the ⁤increasing difficulty and cost of mitigating its attacks.

Key Takeaways:

* Scale​ & Cost: Aisuru is⁣ a significant threat, requiring at least $1 million⁣ per month ‌in network capacity just to defend against ⁢its attacks.
* rapid Expansion: The botnet⁤ has grown quickly, leveraging zero-day vulnerabilities in IoT devices. It ⁣currently⁤ boasts around 300,000 nodes.
* ⁢ Totolink Compromise: In April ​2025, ⁣Aisuru operators ‌compromised the firmware‌ update server‌ for‌ Totolink, a low-cost⁢ router manufacturer, ‌distributing malicious scripts to expand the botnet.
* Rapper Bot’s Demise – Aisuru’s ⁢Gain: The takedown of⁣ the ​competing ⁣ Rapper Bot DDoS-for-hire service by the U.S.‍ department ⁢of Justice in August 2025 actually benefited aisuru.⁣ Aisuru quickly absorbed the vulnerable IoT devices left adrift by Rapper ‍Bot’s dismantling.
* Re-Compromise is Immediate: ‌Even cleaned IoT devices are quickly re-compromised,often within ​minutes of⁣ being reconnected⁣ to the internet.
* Botmaster Identities (Alleged): ⁣ XLab identifies three alleged operators of ⁢Aisuru (names not provided in this excerpt).
* Mocking the Competition: Aisuru ‌botmasters are reportedly celebrating their​ success, ‌with ‍one adopting the name “Ethan J.Foltz”⁤ – a reference to ‍the alleged ⁣operator⁤ of Rapper Bot.
* 7.7 Tbps Attack: Aisuru recently achieved a‍ record-breaking 7.7 Tbps DDoS attack.

Key Players/Organizations Mentioned:

*‌ Aisuru: ‌The name of ⁤the botnet.
* XLab: ⁤A Chinese security company that first profiled ⁢Aisuru.
* Totolink: A ⁤manufacturer of low-cost ‌routers whose firmware update server⁤ was compromised.
* U.S. Department of⁤ Justice: Responsible for charging the ⁤alleged proprietor‌ of Rapper Bot.
* ​ Rapper‌ Bot: A ‍competing​ DDoS-for-hire⁤ botnet​ that was taken down.
* brian Dobbins: ⁤ A security ‍expert quoted in the article.

This⁣ article highlights the growing threat ⁤of IoT-based botnets and the challenges in ⁤combating them, particularly as⁤ attackers become more sophisticated‌ and exploit ‌vulnerabilities in widely ⁣used devices.