FBI takes down large botnet and accidentally frees 95,000 devices

Operation 'Droid Drain' backfires: FBI action against cybercriminals ends in an unplanned mass release.
Collateral damage
The fight against the malware turned into a boomerang: instead of only taking over control of the botnet, the FBI disabled the entire infrastructure and left tens of thousands of infected devices unprotected.
Victims are left out in the rain
95,000 systems are now without a protective shield. While the authorities pat themselves on the back, companies and private users have to look for solutions themselves. A classic case of 'well-intentioned but poorly executed'.
Cybersecurity remains a lottery
Anyone who relies on government help often ends up like a bagholder after a pump-and-dump: full of hope, but empty-handed.
Aisuru floods the internet with world-record DDoS attacks
On September 1, Cloudflare reported it had recorded the biggest DDoS attack ever seen. The attack pushed out 11.5 trillion bits per second of garbage traffic. That’s enough to kill the download speed of over 50,000 home internet connections in one hit.
Cloudflare posted about it on X, calling it a “world record” in intensity. Network operators say this was just one of many similar attacks in recent weeks. The attacks were short but massive—some only lasted seconds, likely just tests of the botnet’s full power.
The real danger is what these botnets are made of. Aisuru doesn’t use computers—it uses routers, smart TVs, and security cameras. Devices people forget, leave online, and rarely update. Once they’re hijacked, they become part of the army.
And once they’re part of a botnet, they’re locked in: a device can belong to only one botnet at a time. When the FBI removed the old malware, that opened the door for Aisuru to swoop in.
This comes right after prosecutors in August charged a 22-year-old man from Oregon with running a botnet that knocked X offline earlier this year. That attack showed how vulnerable even big platforms are to these kinds of cyberweapons. But what’s coming next looks a lot worse.
New botnets move from fraud to cyberwar
These aren’t just tech nuisances anymore. The new generation of botnets is being built using faster devices with stronger bandwidth, giving them far more muscle. Some experts say these networks can now be used to knock out internet access across entire countries.
Craig Labovitz, head of tech at Nokia’s Deepfield division, put it simply: “Before the concern was websites; now the concern is countries.” It’s already happened. The UK said Russia’s GRU launched DDoS attacks on Ukraine’s banks in 2022, just before its military invasion.
Now, criminal networks seem to be following that same playbook, but on a global scale. One network that Google killed earlier this year had grown from 74,000 Android TV devices in 2023 to over 10 million in just two years.
That made it the biggest known botnet made of smart TVs. Google said it was used to click billions of ads in a massive fraud scheme, but warned it could just as easily be turned into a weapon, either for ransomware or internet takedowns.
Meanwhile, another botnet called ResHydra is growing even bigger. Built from tens of millions of devices, ResHydra started with basic fraud but has now begun launching online attacks. Chris Formosa, a researcher at Lumen’s Black Lotus Labs, said that controlling a network of that size would let someone “do extreme damage to a country.”
Until now, only big cloud services like Google Cloud and Amazon Web Services have been able to block most of these attacks. But even those defenses could fall if botnets like Aisuru or ResHydra get stronger or combine forces.