
Alleged RedLine infostealer conspirator extradited to US

By: mbracken
25 March 2026 at 18:25

An operation to crack down on the widely used RedLine infostealer has netted the extradition of an Armenian man to the United States, where he made an initial appearance in a Texas court Wednesday.

Authorities charged Hambardzum Minasyan with conspiracy to commit access device fraud, conspiracy to violate the Computer Fraud and Abuse Act and conspiracy to commit money laundering for his alleged role with RedLine. Infostealers steal billions of user credentials, such as passwords, every year.

“Hambardzum Minasyan allegedly conspired with others to enrich himself by developing and administering RedLine, one of the most prevalent infostealing malware variants in the world, which has previously been used to conduct intrusions against major corporations,” a Justice Department news release said. “When executed, RedLine would steal data, including access devices, from victims’ computers.”

According to a summary of the indictment, Minasyan allegedly registered two virtual private servers to host RedLine, set up online file-sharing repositories to distribute RedLine to affiliates, and registered a cryptocurrency account to receive affiliate payments.

Collectively, the conspirators also responded to questions and requests from affiliates, conspired to steal and possess financial information, and laundered cybercrime proceeds through cryptocurrency exchanges, the indictment states.

In 2024, the U.S. Justice Department teamed with Belgium, the Netherlands, Eurojust and others on Operation Magnus to disrupt the RedLine and Meta infostealers, the latter of which was derived from the former. That same year, the Justice Department charged a Russian man, Maxim Rudometov, for his alleged role in developing RedLine.

Eurojust assisted with the extradition of Minasyan.

Court records related to Minasyan’s case had not been posted on the Pacer court system as of Wednesday afternoon. The U.S. Attorney’s Office for the Western District of Texas, which is prosecuting the case, did not immediately respond to requests for a copy of the indictment.

The post Alleged RedLine infostealer conspirator extradited to US appeared first on CyberScoop.

HackerOne rolls out industry framework to support ‘good faith’ AI research

By: djohnson
20 January 2026 at 15:59

Four years ago, the Department of Justice announced it would no longer seek criminal charges against independent and third-party security researchers for “good faith” security research under the Computer Fraud and Abuse Act.

Now, a prominent bug bounty platform is attempting to build a framework for industry to offer similar protections to researchers who study flaws in AI systems, including AI safety and other fields that examine unintended behaviors and outputs with security consequences.

Ilona Cohen, chief legal and policy officer at HackerOne, told CyberScoop the Good Faith AI Research Safe Harbor is meant to build on previous efforts, like the DOJ policy change and the company’s own Gold Standard Safe Harbor framework, that give third-party security researchers wider legal freedom to prod and test commercial products and systems for flaws, and to extend those protections to the AI realm.

HackerOne previously pushed the DOJ to provide further guidance on how its good faith researcher policy would apply to AI systems. Cohen said the department’s language “provides a lot of clarity and helped security researchers have the comfort to be able to do the testing that’s so important to the backbone of our security industry, [but] it doesn’t necessarily apply to all AI research.”

The DOJ’s policy change in 2022 represented a hard-fought victory following years of advocacy by the cybersecurity community. Without further guidance from DOJ, Cohen said it was important for industry to do the same foundational work around advocacy and governance for AI testing that helped good faith hackers convince the agency that independent researchers are an asset to the broader cybersecurity ecosystem.

Participating companies can attach a “banner” to their HackerOne profile advertising their adoption of the protections, which commit them to, among other things, “refraining from legal action … and supporting researchers if third parties pursue claims related to authorized research.”

Even as the Trump administration signals little interest in safety or security issues around AI systems, other policymakers have said strong protections and guardrails should be one of the key differentiators when convincing other countries to adopt U.S.-made AI systems and models over authoritarian competitors like China. Cohen said it was especially critical to open testing of AI systems when they’re being broadly adopted across society.

“Since AI systems are essentially deploying a lot faster than any of the governance or legal frameworks can keep up, that creates some risk … for all of us when people are reluctant to do testing of AI systems,” Cohen said.

Frontier AI companies like OpenAI and Anthropic have generally kept a tighter grip on their own security research programs.

OpenAI, for instance, runs its own network of third-party red team researchers, vetting and selecting them through an application process. According to the company’s website, red-team engagements are commissioned by OpenAI and can be steered to different researchers at the company’s discretion, with some members participating as little as five to 10 hours per year. Researchers can also apply under a separate program that focuses on issues like AI safety and misuse.

Anthropic’s responsible disclosure policy defines “good faith” third-party security research as testing information systems “for the sole purpose” of identifying a reportable vulnerability. As such, researchers are expected to only take actions that are “minimally required to reasonably prove that such potential vulnerability exists” and avoid actual harmful actions, such as exfiltrating or deleting data.

It also requires the researcher to “avoid disclosing the existence of or any details relating to the discovered vulnerability to a third party or to the public” without “notice” from the company.

“We fully support researchers’ right to publicly disclose vulnerabilities they discover,” the terms state. “We ask only to coordinate on the timing of such disclosures to prevent potential harm to our services, customers and other parties.”

Anthropic’s terms also seek to broadly shield the company from liability for any negative outcomes related to the use or integration of its products, using all caps to emphasize that it will “EXPRESSLY DISCLAIM” all warranties of fitness its products may have in areas like “ACCURACY, AVAILABILITY, RELIABILITY, SECURITY, PRIVACY, COMPATIBILITY [and] NON-INFRINGEMENT.”

OpenAI and Anthropic did not respond to a request for comment by the time of publication.

The post HackerOne rolls out industry framework to support ‘good faith’ AI research appeared first on CyberScoop.

Federal court dismisses Trump DOJ lawsuit seeking California voter data

By: djohnson
16 January 2026 at 10:59

A federal court has thrown out a lawsuit brought by the Trump administration attempting to force the state of California to turn over sensitive voter data.

The decision, issued by the U.S. District Court for the Central District of California, is a major setback to the federal government’s massive data collection effort on American voters, and to its argument that existing civil rights laws permit it to demand that information from states in the name of election integrity.

The ruling, signed by Judge David Carter, called voting “a fundamental political right” and stated flatly: “the government’s request is unprecedented and illegal.”

Carter noted that the civil rights laws the Department of Justice cited to justify its demand for the records were “to protect hard won civil rights victories allowing access to the ballot box,” not to give the executive branch or president unfettered access to voter data.

The opinion also described the breadth and scope of the government’s request as “unprecedented,” noting it was seeking information such as names, Social Security numbers, home addresses, voting history and “other sensitive information” for nearly 23 million Californians. While California officials offered the federal government redacted versions of the information, DOJ’s lawsuit asked for the full, unredacted copies of the records.

“The pieces of legislation at issue in this litigation were not passed as an unrestricted means for the Executive to collect highly sensitive information about the American people,” Carter wrote. “It is not for the Executive, or even this Court to authorize the use of civil rights legislation as a tool to forsake the privacy rights of millions of Americans. That power belongs solely to Congress.”

Last September, the federal government sued California Secretary of State Shirley Weber, one of dozens of state officials facing federal lawsuits for refusing to hand over unredacted voter data. The federal government claims the lawsuits are meant to ensure “clean” voter rolls and deter noncitizen voting and voter fraud, but neither it nor Trump has ever been able to prove those claims in court.

Election and legal experts had predicted that the administration’s efforts to compel states to hand voter records over to the federal government would face serious pushback in the courts, as the Constitution explicitly empowers states and Congress to manage elections.

The League of Women Voters of California, the American Civil Liberties Union, the ACLU Foundation of Northern California, and the ACLU Foundation of Southern California brought a joint countersuit on behalf of voters to halt the DOJ’s demands. The groups argued state laws and federal privacy protection prohibited the disclosure of highly sensitive voter data.

In a joint statement following the decision, the groups hailed the win and said it “affirms that the federal government is not entitled to unfettered access to private voter data.”

“Voters should never have to choose between their privacy and their fundamental right to vote,” the statement said. “States must retain authority to manage elections in ways that safeguard sensitive information, and federal agencies must respect the limits on their power.”

Carter also issued a stark warning about the impact of adopting the Trump administration’s legal logic on ballot access, saying that “the taking of democracy does not occur in one fell swoop; it is chipped away piece by piece until there is nothing left.”

“The case before the Court is one of these cuts that imperils all Americans,” Carter wrote. “The erosion of privacy and rolling back of voting rights is a decision for open and public debate within the Legislative Branch, not the Executive. The Constitution demands such respect, and the Executive may not unilaterally usurp the authority over elections it seeks to do so here.”

The administration’s demand to states like California “goes far beyond what Congress intended” when it passed the civil rights laws cited in the government’s justification, the opinion said, and citizens would rightly fear that the data could be misused by “executive fiat.”

“The centralization of this information by the federal government would have a chilling effect on voter registration which would inevitably lead to decreasing voter turnout as voters fear that their information is being used for some inappropriate or unlawful purpose,” Carter wrote in his conclusion.

The post Federal court dismisses Trump DOJ lawsuit seeking California voter data appeared first on CyberScoop.

As White House moves to send AI chips to China, Trump’s DOJ prosecutes chip smugglers

By: djohnson
10 December 2025 at 16:42

As the Trump administration considers loosening restrictions on selling to China the high-performance computer chips that power modern artificial intelligence systems, its Department of Justice continues to prosecute businesses and individuals who sell or divert those same technologies to companies based in China.

On Monday, federal prosecutors announced that they had secured a guilty plea from Chinese-American citizen Alan Hao Hsu and his company Hao Global for a multi-million-dollar scheme to funnel advanced AI computer chips to Chinese businesses.

In affidavits, investigators at the Department of Commerce’s Bureau of Industry and Security described the smuggled H100 and H200 chips as some of the most sensitive and controlled technologies under U.S. export laws. According to the plea agreement, his company sold NVIDIA chips totaling $160 million to Chinese businesses.

According to court documents obtained by CyberScoop, from at least October 2024 through May 2025, Hsu and others used Hao Global to export, or attempt to export, more than 7,000 NVIDIA H100 and H200 Tensor Core GPUs of the kind used in many AI and high-performance computing systems. Prosecutors said these chips were designed “to process massive amounts of data, advancing generative AI and large language models and scientific computing.”

Hsu would receive business leads from companies in China looking to buy GPUs, along with funding through shell companies and other transactions to purchase the chips under the guise of legally reselling them to customers in the United States, Malaysia and Thailand. Instead, DOJ said, those shipments were diverted to China and Hong Kong; Hsu and his company allegedly falsified bills of lading – essentially a receipt of what goods were being transported – and loaded the chips onto ships bound for other countries.

In February 2025, BIS investigators seized one shipment of GPU baseboards in Atlanta that had “incorrect and misclassified shipping information.” The criminal complaint also names two other defendants as part of the conspiracy: Fanyue Gong, a New York resident and owner of a Brooklyn-based technology company, and Benlin Yuan, president of a Virginia IT firm.

When federal agents visited a New Jersey warehouse managed by Gong’s company, an undercover agent observed employees relabeling NVIDIA GPUs with labels for a fake company named SANDKYAN. One employee told investigators they had received instructions from Gong to relabel the boxes in an encrypted messaging app group chat and were paid in cash.

Hsu reportedly received payment for the chips from Chinese sources through bank accounts in Thailand, Malaysia and Singapore.

The plea agreement for Hsu, a naturalized U.S. citizen who lives in Fort Bend, Texas, notes that he has been informed his guilty plea could result in consequences for his immigration status, including potential denaturalization and deportation.  

It’s the second such case brought forward in the last month by the Department of Justice alleging that individuals and businesses selling high performance GPUs to China were violating export controls and threatening national security.

Last month, DOJ announced similar charges against four U.S. and Chinese nationals in Florida, Alabama and California for conspiracy, smuggling and money laundering. The group allegedly evaded export restrictions by sending NVIDIA GPUs to Malaysia and Thailand before routing them to China between 2023 and 2025.

Prosecutors in the case said that preventing these chips from reaching China was a matter of “safeguarding our country’s national security.” The individuals charged face lengthy jail sentences: the conspiracy and money laundering charges come with a maximum 20-year prison sentence, while smuggling carries a maximum of 10 years.

As Caleb Withers, a research associate at the Center for a New American Security, noted in a report on AI export controls, “smuggling of cutting-edge chips is widespread, and Huawei and Semiconductor Manufacturing International Corporation (SMIC) have in some cases still been able to get their hands on advanced equipment integral to helping them advance their chip production capabilities.”

Withers also argues that the Bureau of Industry and Security suffers from “chronic underresourcing,” noting that a single shipment of the high-end chips the agency is charged with protecting can cost more than its annual enforcement budget.

But arguments by federal prosecutors that China’s access to these chips would fundamentally undermine U.S. national security contrasted with President Trump’s announcement the same day that he had personally informed Chinese President Xi Jinping that he would allow NVIDIA to sell the very same H200 chips to China and other countries. In doing so, he promised unspecified “conditions” that would protect U.S. national security.

“The Department of Commerce is finalizing the details, and the same approach will apply to AMD, Intel and other GREAT American companies,” Trump wrote on Truth Social Monday.

Democrats were quick to pounce on the decision, arguing that the move would harm U.S. companies that benefit from chip restrictions while simultaneously boosting industry for a geopolitical adversary in China. Eight Senate Democrats said in a statement that the H200 chips approved for sale by the Trump administration are “vastly more capable than anything China can make” and warned that “gifting them to Beijing would squander America’s primary advantage in the AI race.”

“Chinese AI giant DeepSeek said as recently as last week that the lack of access to advanced American-designed AI chips is the single biggest impediment to its ability to compete with U.S. AI companies,” the senators said. “With this decision, President Trump is poised to remove that barrier.”

Another Democrat, Sen. Mark Warner, D-Va., said he believes U.S. dominance in AI hardware will come down to whether U.S. or Chinese products influence the global supply chain and criticized the White House for its lack of strategic vision.

“Unfortunately, the Trump administration’s haphazard and transactional approach to export policy demonstrates that it does not have any sort of coherent strategy for how we will compete with China, specifically as it relates to whose chips, tools, cloud infrastructure, and ecosystem will influence the most AI developers worldwide,” said Warner in a statement.

Earlier this year, a group of experts told Congress that AI chip export controls were among the most effective tools in slowing down Chinese companies in the AI race.

Some experts reached by CyberScoop said there was a crucial distinction between the DOJ’s legal prosecution of companies who are knowingly breaking established laws and the Trump administration’s policy shift around selling AI chips.

“Those businessmen allegedly violated export control laws, evaded licensing requirements, and engaged in smuggling,” said Elly Rostoum, a senior fellow at the Center for European Policy Analysis and former National Security Council staffer. “Even if the White House later decides to loosen restrictions, the DOJ still has an obligation to prosecute violations of the laws as they existed.”

Rostoum said federal prosecutors can’t retroactively excuse criminal conduct because policy preferences shift in the White House, and that a legal market for H200 chips should still leave room for prosecuting bad actors who use illegal means to do the same thing.

“Criminal smuggling operations that create a completely unmonitored black market where chips disappear into unknown end-uses with zero accountability,” she said. “Even if you support opening up some sales to China, you still want to prosecute smugglers because the black market undermines any attempt at strategic control.”

Chinese government officials, for their part, reportedly intend to put limits on how many domestic companies will be able to buy the chips as part of the country’s goal of establishing self-sufficient technology markets. According to the Financial Times, citing anonymous sources, regulators in Beijing have been discussing ways to permit limited access to NVIDIA H200 chips, with buyers likely going through an approval process where they must justify why they can’t purchase their chips from domestic providers.

The post As White House moves to send AI chips to China, Trump’s DOJ prosecutes chip smugglers appeared first on CyberScoop.

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody

2 November 2025 at 15:37

A Ukrainian man indicted in 2012 for conspiring with a prolific hacking group to steal tens of millions of dollars from U.S. businesses was arrested in Italy and is now in custody in the United States, KrebsOnSecurity has learned.

Sources close to the investigation say Yuriy Igorevich Rybtsov, a 41-year-old from the Russia-controlled city of Donetsk, Ukraine, was previously referenced in U.S. federal charging documents only by his online handle “MrICQ.” According to a 13-year-old indictment (PDF) filed by prosecutors in Nebraska, MrICQ was a developer for a cybercrime group known as “Jabber Zeus.”

Image: lockedup dot wtf.

The Jabber Zeus name derives from the malware the group used, a custom version of the ZeuS banking trojan, which stole banking login credentials and sent the group a Jabber instant message each time a new victim entered a one-time passcode at a financial institution’s website. The gang targeted mostly small to mid-sized businesses, and it was an early pioneer of so-called “man-in-the-browser” attacks, in which malware silently intercepts any data that victims submit in a web-based form.

Once inside a victim company’s accounts, the Jabber Zeus crew would modify the firm’s payroll to add dozens of “money mules,” people recruited through elaborate work-at-home schemes to handle bank transfers. The mules in turn would forward any stolen payroll deposits — minus their commissions — via wire transfers to other mules in Ukraine and the United Kingdom.
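The payroll manipulation described above, adding a batch of first-time payees who forward the money on, is the kind of change a bank’s or payroll provider’s batch review can hold before funds leave. The following is an added example written for this page, not code from the article, myNetWatchman or any bank; it assumes a simple CSV batch format (employee_id, name, routing, account, amount), the two batches are constructed sample data with made-up routing and account values, and the review thresholds are illustrative assumptions:

```python
# Added example: hold payroll batches that look like mule insertion.
# Batch format, routing/account values and thresholds are assumptions;
# both batches below are constructed data, not real payroll records.
import csv
import io
from collections import Counter

PREVIOUS_BATCH = """employee_id,name,routing,account,amount
E001,Alice Example,RTG01,100200300,3000.00
E002,Bob Example,RTG01,100200301,2800.00
E003,Cara Example,RTG02,556677889,3200.00
"""

# Same three employees plus four first-time payees, two of them paid into
# the same destination account: the pattern a mule-stuffed batch shows.
CURRENT_BATCH = """employee_id,name,routing,account,amount
E001,Alice Example,RTG01,100200300,3000.00
E002,Bob Example,RTG01,100200301,2800.00
E003,Cara Example,RTG02,556677889,3200.00
E101,New Payee One,RTG03,900100200,2400.00
E102,New Payee Two,RTG03,900100201,2400.00
E103,New Payee Three,RTG02,900100202,2400.00
E104,New Payee Four,RTG02,900100202,2400.00
"""


def parse_batch(text):
    """Parse a CSV batch into (employee_id, routing, account, amount) tuples."""
    reader = csv.DictReader(io.StringIO(text))
    return [(r["employee_id"], r["routing"], r["account"], float(r["amount"]))
            for r in reader]


def review_batch(previous, current, max_new_payees=2, max_new_share=0.10):
    """Compare a payroll batch with the last approved one.

    Flags raised:
      many_new_payees    more than max_new_payees first-time employee IDs
      new_payee_share    first-time payees take more than max_new_share of the total
      account_changed    an existing employee's destination account changed
      shared_destination several payees are paid into one routing/account pair
    'hold' is True when any flag fires; the batch should then be confirmed
    out of band (a call to a known contact) before release.
    """
    prev = {eid: (rtg, acct) for eid, rtg, acct, _ in previous}
    new_payees, changed = [], []
    for eid, rtg, acct, amt in current:
        if eid not in prev:
            new_payees.append((eid, rtg, acct, amt))
        elif prev[eid] != (rtg, acct):
            changed.append(eid)

    total = sum(amt for _, _, _, amt in current)
    new_amount = sum(amt for _, _, _, amt in new_payees)
    dest_counts = Counter((rtg, acct) for _, rtg, acct, _ in current)
    shared = sorted(dest for dest, n in dest_counts.items() if n > 1)

    flags = []
    if len(new_payees) > max_new_payees:
        flags.append("many_new_payees")
    if total and new_amount / total > max_new_share:
        flags.append("new_payee_share")
    if changed:
        flags.append("account_changed")
    if shared:
        flags.append("shared_destination")

    return {
        "new_payees": [eid for eid, _, _, _ in new_payees],
        "changed_accounts": changed,
        "shared_destinations": shared,
        "new_share": round(new_amount / total, 4) if total else 0.0,
        "flags": flags,
        "hold": bool(flags),
    }


if __name__ == "__main__":
    result = review_batch(parse_batch(PREVIOUS_BATCH), parse_batch(CURRENT_BATCH))
    for key, value in result.items():
        print(f"{key}: {value}")
```

The check deliberately keys on structure rather than amounts: individual mule payments were sized to look like ordinary salaries, so what stands out is the count of first-time payees, their share of the batch, and several payees landing in one account. The held batch is released only after confirmation over a channel the infected PC cannot intercept.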

The 2012 indictment targeting the Jabber Zeus crew named MrICQ as “John Doe #3,” and said this person handled incoming notifications of newly compromised victims. The Department of Justice (DOJ) said MrICQ also helped the group launder the proceeds of their heists through electronic currency exchange services.

Two sources familiar with the Jabber Zeus investigation said Rybtsov was arrested in Italy, although the exact date and circumstances of his arrest remain unclear. A summary of recent decisions (PDF) published by the Italian Supreme Court states that in April 2025, Rybtsov lost a final appeal to avoid extradition to the United States.

According to the mugshot website lockedup[.]wtf, Rybtsov arrived in Nebraska on October 9, and was being held under an arrest warrant from the U.S. Federal Bureau of Investigation (FBI).

The data breach tracking service Constella Intelligence found breached records from the business profiling site bvdinfo[.]com showing that a 41-year-old Yuriy Igorevich Rybtsov worked in a building at 59 Barnaulska St. in Donetsk. Further searching on this address in Constella finds the same apartment building was shared by a business registered to Vyacheslav “Tank” Penchukov, the leader of the Jabber Zeus crew in Ukraine.

Vyacheslav “Tank” Penchukov, seen here performing as “DJ Slava Rich” in Ukraine, in an undated photo from social media.

Penchukov was arrested in 2022 while traveling to meet his wife in Switzerland. Last year, a federal court in Nebraska sentenced Penchukov to 18 years in prison and ordered him to pay more than $73 million in restitution.

Lawrence Baldwin is founder of myNetWatchman, a threat intelligence company based in Georgia that began tracking and disrupting the Jabber Zeus gang in 2009. myNetWatchman had secretly gained access to the Jabber chat server used by the Ukrainian hackers, allowing Baldwin to eavesdrop on the daily conversations between MrICQ and other Jabber Zeus members.

Baldwin shared those real-time chat records with multiple state and federal law enforcement agencies, and with this reporter. Between 2010 and 2013, I spent several hours each day alerting small businesses across the country that their payroll accounts were about to be drained by these cybercriminals.

Those notifications, and Baldwin’s tireless efforts, saved countless would-be victims a great deal of money. In most cases, however, we were already too late. Nevertheless, the pilfered Jabber Zeus group chats provided the basis for dozens of stories published here about small businesses fighting their banks in court over six- and seven-figure financial losses.

Baldwin said the Jabber Zeus crew was far ahead of its peers in several respects. For starters, their intercepted chats showed they worked to create a highly customized botnet directly with the author of the original Zeus Trojan — Evgeniy Mikhailovich Bogachev, a Russian man who has long been on the FBI’s “Most Wanted” list. The feds have a standing $3 million reward for information leading to Bogachev’s arrest.

Evgeniy M. Bogachev, in undated photos.

The core innovation of Jabber Zeus was an alert that MrICQ would receive each time a new victim entered a one-time passcode into a phishing page mimicking their financial institution. The gang’s internal name for this component was “Leprechaun” (the video below from myNetWatchman shows it in action). Jabber Zeus would actually re-write the HTML code as displayed in the victim’s browser, allowing the crew to intercept any passcodes sent by the victim’s bank for multi-factor authentication.

“These guys had compromised such a large number of victims that they were getting buried in a tsunami of stolen banking credentials,” Baldwin told KrebsOnSecurity. “But the whole point of Leprechaun was to isolate the highest-value credentials — the commercial bank accounts with two-factor authentication turned on. They knew these were far juicier targets because they clearly had a lot more money to protect.”

Baldwin said the Jabber Zeus trojan also included a custom “backconnect” component that allowed the hackers to relay their bank account takeovers through the victim’s own infected PC.

“The Jabber Zeus crew were literally connecting to the victim’s bank account from the victim’s IP address, or from the remote control function and by fully emulating the device,” he said. “That trojan was like a hot knife through butter of what everyone thought was state-of-the-art secure online banking at the time.”

Although the Jabber Zeus crew was in direct contact with the Zeus author, the chats intercepted by myNetWatchman show Bogachev frequently ignored the group’s pleas for help. The government says the real leader of the Jabber Zeus crew was Maksim Yakubets, a 38-year-old Ukrainian man with Russian citizenship who went by the hacker handle “Aqua.”

Alleged Evil Corp leader Maksim “Aqua” Yakubets. Image: FBI

The Jabber chats intercepted by Baldwin show that Aqua interacted almost daily with MrICQ, Tank and other members of the hacking team, often facilitating the group’s money mule and cashout activities remotely from Russia.

The government says Yakubets/Aqua would later emerge as the leader of an elite cybercrime ring of at least 17 hackers that referred to themselves internally as “Evil Corp.” Members of Evil Corp developed and used the Dridex (a.k.a. Bugat) trojan, which helped them siphon more than $100 million from hundreds of victim companies in the United States and Europe.

This 2019 story about the government’s $5 million bounty for information leading to Yakubets’s arrest includes excerpts of conversations between Aqua, Tank, Bogachev and other Jabber Zeus crew members discussing stories I’d written about their victims. Both Baldwin and I were interviewed at length for a new weekly six-part podcast by the BBC that delves deep into the history of Evil Corp. Episode One focuses on the evolution of Zeus, while the second episode centers on an investigation into the group by former FBI agent Jim Craig.

Image: https://www.bbc.co.uk/programmes/w3ct89y8

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

10 October 2025 at 12:10

The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet’s attacks, which shattered previous records this week with a brief traffic flood that clocked in at nearly 30 trillion bits of data per second.

Since its debut more than a year ago, the Aisuru botnet has steadily outcompeted virtually all other IoT-based botnets in the wild, with recent attacks siphoning Internet bandwidth from an estimated 300,000 compromised hosts worldwide.

The hacked systems that get subsumed into the botnet are mostly consumer-grade routers, security cameras, digital video recorders and other devices operating with insecure and outdated firmware, and/or factory-default settings. Aisuru’s owners are continuously scanning the Internet for these vulnerable devices and enslaving them for use in distributed denial-of-service (DDoS) attacks that can overwhelm targeted servers with crippling amounts of junk traffic.

As Aisuru’s size has mushroomed, so has its punch. In May 2025, KrebsOnSecurity was hit with a near-record 6.35 terabits per second (Tbps) attack from Aisuru, which was then the largest assault that Google’s DDoS protection service Project Shield had ever mitigated. Days later, Aisuru shattered that record with a data blast in excess of 11 Tbps.

By late September, Aisuru was publicly flexing DDoS capabilities topping 22 Tbps. Then on October 6, its operators heaved a whopping 29.6 terabits of junk data packets each second at a targeted host. Hardly anyone noticed because it appears to have been a brief test or demonstration of Aisuru’s capabilities: the traffic flood lasted only a few seconds and was pointed at an Internet server that was specifically designed to measure large-scale DDoS attacks.

A measurement of an Oct. 6 DDoS believed to have been launched through multiple botnets operated by the owners of the Aisuru botnet. Image: DDoS Analyzer Community on Telegram.

Aisuru’s overlords aren’t just showing off. Their botnet is being blamed for a series of increasingly massive and disruptive attacks. Although recent assaults from Aisuru have targeted mostly ISPs that serve online gaming communities like Minecraft, those digital sieges often result in widespread collateral Internet disruption.

For the past several weeks, ISPs hosting some of the Internet’s top gaming destinations have been hit with a relentless volley of gargantuan attacks that experts say are well beyond the DDoS mitigation capabilities of most organizations connected to the Internet today.

Steven Ferguson is principal security engineer at Global Secure Layer (GSL), an ISP in Brisbane, Australia. GSL hosts TCPShield, which offers free or low-cost DDoS protection to more than 50,000 Minecraft servers worldwide. Ferguson told KrebsOnSecurity that on October 8, TCPShield was walloped with a blitz from Aisuru that flooded its network with more than 15 terabits of junk data per second.

Ferguson said that after the attack subsided, TCPShield was told by its upstream provider OVH that they were no longer welcome as a customer.

“This was causing serious congestion on their Miami external ports for several weeks, shown publicly via their weather map,” he said, explaining that TCPShield is now solely protected by GSL.

Traces from the recent spate of crippling Aisuru attacks on gaming servers can still be seen at the website blockgametracker.gg, which indexes the uptime and downtime of the top Minecraft hosts. In the following example from a series of data deluges on the evening of September 28, we can see an Aisuru botnet campaign briefly knocking TCPShield offline.

An Aisuru botnet attack on TCPShield (AS64199) on Sept. 28 can be seen in the giant downward spike in the middle of this uptime graphic. Image: grafana.blockgametracker.gg.

Paging through the same uptime graphs for other network operators listed shows almost all of them suffered brief but repeated outages around the same time. Here is the same uptime tracking for Minecraft servers on the network provider Cosmic (AS30456), and it shows multiple large dips that correspond to game server outages caused by Aisuru.

Multiple DDoS attacks from Aisuru can be seen against the Minecraft host Cosmic on Sept. 28. The sharp downward spikes correspond to brief but enormous attacks from Aisuru. Image: grafana.blockgametracker.gg.

BOTNETS R US

Ferguson said he’s been tracking Aisuru for about three months, and recently he noticed the botnet’s composition shifted heavily toward infected systems at ISPs in the United States. Ferguson shared logs from an attack on October 8 that indexed traffic by the total volume sent through each network provider, and the logs showed that 11 of the top 20 traffic sources were U.S. based ISPs.

AT&T customers were by far the biggest U.S. contributors to that attack, followed by botted systems on Charter Communications, Comcast, T-Mobile and Verizon, Ferguson found. He said the volume of data packets per second coming from infected IoT hosts on these ISPs is often so high that it has started to affect the quality of service that ISPs are able to provide to adjacent (non-botted) customers.

“The impact extends beyond victim networks,” Ferguson said. “For instance we have seen 500 gigabits of traffic via Comcast’s network alone. This amount of egress leaving their network, especially being so US-East concentrated, will result in congestion towards other services or content trying to be reached while an attack is ongoing.”

Roland Dobbins is principal engineer at Netscout. Dobbins said Ferguson is spot on, noting that while most ISPs have effective mitigations in place to handle large incoming DDoS attacks, many are far less prepared to manage the inevitable service degradation caused by large numbers of their customers suddenly using some or all available bandwidth to attack others.

“The outbound and cross-bound DDoS attacks can be just as disruptive as the inbound stuff,” Dobbins said. “We’re now in a situation where ISPs are routinely seeing terabit-per-second plus outbound attacks from their networks that can cause operational problems.”

“The crying need for effective and universal outbound DDoS attack suppression is something that is really being highlighted by these recent attacks,” Dobbins continued. “A lot of network operators are learning that lesson now, and there’s going to be a period ahead where there’s some scrambling and potential disruption going on.”
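As an added illustration of the two analyses described above (ranking attack volume by source network, as in Ferguson’s per-provider logs, and spotting the outbound hotspots Dobbins says ISPs must suppress), here is a Python sketch that is not code from the article, Ferguson, GSL or Netscout. It assumes a hypothetical prefix-to-ASN table, placeholder ASNs, a 10-second measurement window and constructed flow records.

```python
import ipaddress
from collections import defaultdict

# Constructed prefix -> (ASN, operator, country) table; hypothetical, not from the article.
PREFIX_ASN = {
    "203.0.113.0/24": ("AS64501", "ISP-A", "US"),
    "198.51.100.0/24": ("AS64502", "ISP-B", "US"),
    "192.0.2.0/24": ("AS64503", "ISP-C", "DE"),
}
NETS = [(ipaddress.ip_network(p), v) for p, v in PREFIX_ASN.items()]

# Constructed flow records aggregated over one window: (source IP, destination IP, bytes).
# Sample data only, not a real capture.
WINDOW_SECONDS = 10
FLOWS = [
    ("203.0.113.7", "100.64.0.1", 2_500_000_000),
    ("203.0.113.9", "100.64.0.1", 1_250_000_000),
    ("198.51.100.20", "100.64.0.1", 1_875_000_000),
    ("192.0.2.5", "100.64.0.1", 625_000_000),
    ("10.0.0.3", "100.64.0.1", 125_000_000),
]

def asn_for(ip):
    """Map a source IP to (ASN, operator, country); unmapped sources get a placeholder."""
    addr = ipaddress.ip_address(ip)
    for net, info in NETS:
        if addr in net:
            return info
    return ("UNKNOWN", "unknown", "??")

def gbps(nbytes, window_s):
    return nbytes * 8 / window_s / 1e9

def rank_by_network(flows, window_s):
    """Attack volume per source network in Gbit/s, largest contributor first."""
    totals = defaultdict(int)
    for src, _dst, nbytes in flows:
        totals[asn_for(src)] += nbytes
    ranked = [(asn, op, cc, gbps(total, window_s)) for (asn, op, cc), total in totals.items()]
    return sorted(ranked, key=lambda r: r[3], reverse=True)

def country_share(ranked, country, top_n):
    """How many of the top_n source networks are in the given country (the '11 of 20' view)."""
    return sum(1 for r in ranked[:top_n] if r[2] == country)

def outbound_hotspots(flows, asn, cap_gbps, window_s):
    """An ISP's own view: hosts inside `asn` pushing more outbound traffic than cap_gbps."""
    per_host = defaultdict(int)
    for src, _dst, nbytes in flows:
        if asn_for(src)[0] == asn:
            per_host[src] += nbytes
    return sorted(h for h, b in per_host.items() if gbps(b, window_s) > cap_gbps)
```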

KrebsOnSecurity sought comment from the ISPs named in Ferguson’s report. Charter Communications pointed to a recent blog post on protecting its network, stating that Charter actively monitors for both inbound and outbound attacks, and that it takes proactive action wherever possible.

“In addition to our own extensive network security, we also aim to reduce the risk of customer connected devices contributing to attacks through our Advanced WiFi solution that includes Security Shield, and we make Security Suite available to our Internet customers,” Charter wrote in an emailed response to questions. “With the ever-growing number of devices connecting to networks, we encourage customers to purchase trusted devices with secure development and manufacturing practices, use anti-virus and security tools on their connected devices, and regularly download security patches.”

A spokesperson for Comcast responded, “Currently our network is not experiencing impacts and we are able to handle the traffic.”

9 YEARS OF MIRAI

Aisuru is built on the bones of malicious code that was leaked in 2016 by the original creators of the Mirai IoT botnet. Like Aisuru, Mirai quickly outcompeted all other DDoS botnets in its heyday, and obliterated previous DDoS attack records with a 620 gigabit-per-second siege that sidelined this website for nearly four days in 2016.

The Mirai botmasters likewise used their crime machine to attack mostly Minecraft servers, but with the goal of forcing Minecraft server owners to purchase a DDoS protection service that they controlled. In addition, they rented out slices of the Mirai botnet to paying customers, some of whom used it to mask the sources of other types of cybercrime, such as click fraud.

A depiction of the outages caused by the Mirai botnet attacks against the internet infrastructure firm Dyn on October 21, 2016. Source: Downdetector.com.

Dobbins said Aisuru’s owners also appear to be renting out their botnet as a distributed proxy network that cybercriminal customers anywhere in the world can use to anonymize their malicious traffic and make it appear to be coming from regular residential users in the U.S.

“The people who operate this botnet are also selling (it as) residential proxies,” he said. “And that’s being used to reflect application layer attacks through the proxies on the bots as well.”

The Aisuru botnet harkens back to its predecessor Mirai in another intriguing way. One of its owners is using the Telegram handle “9gigsofram,” which corresponds to the nickname used by the co-owner of a Minecraft server protection service called Proxypipe that was heavily targeted in 2016 by the original Mirai botmasters.

Robert Coelho co-ran Proxypipe back then along with his business partner Erik “9gigsofram” Buckingham, and has spent the past nine years fine-tuning various DDoS mitigation companies that cater to Minecraft server operators and other gaming enthusiasts. Coelho said he has no idea why one of Aisuru’s botmasters chose Buckingham’s nickname, but added that it might say something about how long this person has been involved in the DDoS-for-hire industry.

“The Aisuru attacks on the gaming networks these past seven days have been absolutely huge, and you can see tons of providers going down multiple times a day,” Coelho said.

Coelho said the 15 Tbps attack this week against TCPShield was likely only a portion of the total attack volume hurled by Aisuru at the time, because much of it would have been shoved through networks that simply couldn’t process that volume of traffic all at once. Such outsized attacks, he said, are becoming increasingly difficult and expensive to mitigate.

“It’s definitely at the point now where you need to be spending at least a million dollars a month just to have the network capacity to be able to deal with these attacks,” he said.

RAPID SPREAD

Aisuru has long been rumored to use multiple zero-day vulnerabilities in IoT devices to aid its rapid growth over the past year. XLab, the Chinese security company that was the first to profile Aisuru’s rise in 2024, warned last month that one of the Aisuru botmasters had compromised the firmware distribution website for Totolink, a maker of low-cost routers and other networking gear.

“Multiple sources indicate the group allegedly compromised a router firmware update server in April and distributed malicious scripts to expand the botnet,” XLab wrote on September 15. “The node count is currently reported to be around 300,000.”

A malicious script implanted into a Totolink update server in April 2025. Image: XLab.

Aisuru’s operators received an unexpected boost to their crime machine in August when the U.S. Department of Justice charged the alleged proprietor of Rapper Bot, a DDoS-for-hire botnet that competed directly with Aisuru for control over the global pool of vulnerable IoT systems.

Once Rapper Bot was dismantled, Aisuru’s curators moved quickly to commandeer vulnerable IoT devices that were suddenly set adrift by the government’s takedown, Dobbins said.

“Folks were arrested and Rapper Bot control servers were seized and that’s great, but unfortunately the botnet’s attack assets were then pieced out by the remaining botnets,” he said. “The problem is, even if those infected IoT devices are rebooted and cleaned up, they will still get re-compromised by something else generally within minutes of being plugged back in.”

A screenshot shared by XLab showing the Aisuru botmasters recently celebrating a record-breaking 7.7 Tbps DDoS. The user at the top has adopted the name “Ethan J. Foltz” in a mocking tribute to the alleged Rapper Bot operator who was arrested and charged in August 2025.

BOTMASTERS AT LARGE

XLab’s September blog post cited multiple unnamed sources saying Aisuru is operated by three cybercriminals: “Snow,” who’s responsible for botnet development; “Tom,” tasked with finding new vulnerabilities; and “Forky,” responsible for botnet sales.

KrebsOnSecurity interviewed Forky in our May 2025 story about the record 6.3 Tbps attack from Aisuru. That story identified Forky as a 21-year-old man from Sao Paulo, Brazil who has been extremely active in the DDoS-for-hire scene since at least 2022. The FBI has seized Forky’s DDoS-for-hire domains several times over the years.

Like the original Mirai botmasters, Forky also operates a DDoS mitigation service called Botshield. Forky declined to discuss the makeup of his ISP’s clientele, or to clarify whether Botshield was more of a hosting provider or a DDoS mitigation firm. However, Forky has posted on Telegram about Botshield successfully mitigating large DDoS attacks launched against other DDoS-for-hire services.

In our previous interview, Forky acknowledged being involved in the development and marketing of Aisuru, but denied participating in attacks launched by the botnet.

Reached for comment earlier this month, Forky continued to maintain his innocence, claiming that he also is still trying to figure out who the current Aisuru botnet operators are in real life (Forky said the same thing in our May interview).

But after a week of promising juicy details, Forky came up empty-handed once again. Suspecting that Forky was merely being coy, I asked him how someone so connected to the DDoS-for-hire world could still be mystified on this point, and suggested that his inability or unwillingness to blame anyone else for Aisuru would not exactly help his case.

At this, Forky verbally bristled at being pressed for more details, and abruptly terminated our interview.

“I’m not here to be threatened with ignorance because you are stressed,” Forky replied. “They’re blaming me for those new attacks. Pretty much the whole world (is) due to your blog.”
