Crime
German and North American investigators dismantle large botnets
20.03.2026, 15:39
In a large-scale crackdown on an international hacker network, security authorities in North America and Germany have dismantled the world's two largest botnets, officials said on Friday.
The criminals' infrastructure had mainly been used for distributed denial-of-service (DDoS) attacks, Germany's Federal Criminal Police Office (BKA) said.
In such attacks, cybercriminals try to paralyse their victims' websites and apps by flooding them with countless data requests. Most recently, German rail operator Deutsche Bahn’s app and online services were targeted in such an attack.
The law enforcement operation targeted two notorious botnets: Aisuru and Kimwolf. A botnet is a network of internet-connected devices controlled by a hacker.
The older system, Aisuru, primarily infected poorly secured devices like routers and surveillance cameras.
Aisuru is also blamed for what is believed to be the largest known DDoS attack to date, which generated an enormous data rate of 31.4 terabits per second. That attack was fended off at the time by IT service provider Cloudflare. The actual target is unknown.
Experts believe Kimwolf is closely related to Aisuru. The second botnet focused more on Android and consumer devices, including TV boxes.
International cooperation by investigators
On the German side, the Central and Contact Point Cybercrime North Rhine-Westphalia and the BKA were involved in the operation. Together with law enforcement authorities from Canada and the United States, they took the globally distributed technical infrastructure of the two botnets offline.
However, the criminal network has not been completely eliminated because investigators were unable to arrest suspects. Still, law enforcement identified two alleged administrators.
"The accused now face legal consequences," the BKA said. Extensive evidence was seized during searches at their places of residence in Germany and Canada. In addition to numerous data carriers, cryptocurrencies in the five-figure range were also secured.