US, Canada, Germany Dismantle Four Record-Breaking IoT DDoS Botnets Affecting 3 Million Devices

The US Justice Department, alongside authorities in Canada and Germany, has dismantled the infrastructure behind four of the world's most destructive IoT botnets, which compromised over 3 million devices including routers and web cameras.

The Botnets

The Operation

• Lead: US DoD Office of Inspector General's DCIS
• FBI Support: Anchorage field office
• Action: Seizure warrants for US-registered domains, virtual servers, infrastructure
• Corporate assistance: Nearly two dozen tech companies helped
• Target protection: Prevented DoD-owned IPs from further DDoS attacks

Attack Characteristics

The four botnets were responsible for:

• Record-breaking DDoS attacks: Capable of knocking nearly any target offline
• Hundreds of thousands of attacks: Combined total across all four botnets
• Extortion: Demanding payments from victims
• Victim losses: Some reported tens of thousands of dollars in damages and remediation costs

Why It Matters

IoT botnets remain one of the most persistent cybersecurity threats:

1. Device insecurity: Millions of routers and cameras ship with weak or default credentials
2. Scale: A single botnet can harness millions of devices for devastating attacks
3. Low barrier: DDoS-for-hire services make attacks accessible to anyone
4. International cooperation required: Botnet operators span multiple jurisdictions

The takedown demonstrates that coordinated international action can disrupt even the largest cybercriminal operations.