US Government Takes Down Four Massive Botnets That Infected 3 Million Devices

Four Botnets Dismantled in One Sweep

The US Department of Justice has disrupted four major botnets — Aisuru, Kimwolf, JackSkid, and Mossad — that had collectively infected more than 3 million devices worldwide, many of them inside home networks.

The operation is one of the largest botnet takedowns in history and targeted the infrastructure behind some of the most devastating cyberattacks ever recorded, including a 31.4 Tbps DDoS attack in December 2025 — the largest distributed denial-of-service attack ever documented.

How the Botnets Operated

The botnets used sophisticated techniques to compromise IoT devices and home routers, building massive armies of hijacked computers that could be directed to overwhelm targets with traffic. The Aisuru and Kimwolf botnets were particularly notorious for their ability to launch record-breaking attacks that could take down even well-protected services.

The Scale of the Threat

With 3 million infected devices, these botnets represented an enormous amount of potential computing power that could be weaponized at any moment. The devices ranged from home routers and security cameras to smart home gadgets — everyday devices that their owners had no idea were being used in cyberattacks.

The Bottom Line

While taking down four botnets at once is an impressive achievement, it barely scratches the surface of the botnet problem. For every network that gets dismantled, new ones emerge. The real question is why millions of IoT devices remain so easy to compromise in the first place — and whether device manufacturers will ever be held accountable for shipping products with laughably weak security.