FBI’s Botnet Takedown Backfires: 95,000 Devices Accidentally Freed in Major Cyber Op
The FBI just swung its digital hammer at a massive botnet—only to accidentally liberate nearly 100,000 infected devices in the process.
Operation Oops
Agents targeted the notorious network, aiming to dismantle its infrastructure and cripple its malicious operations. But instead of a clean takedown, the move unintentionally cut ties between the command servers and a staggering 95,000 enslaved devices. No data wiped, no systems restored—just sudden, unexpected freedom.
Botnet Blues
Security experts are calling it a 'mixed outcome.' On one hand, a major threat is disrupted. On the other, thousands of devices remain infected—now roaming unchecked without their malicious overlords. It’s like cutting the strings on a puppet show, but the puppets are still holding knives.
Finance folks are probably already pricing in the 'cyber-liability ETF'—because if there’s a way to securitize chaos, Wall Street will find it.
Aisuru floods the internet with world-record DDoS attacks
On September 1, Cloudflare reported it had recorded the biggest DDoS attack ever seen. The attack pushed out 11.5 trillion bits per second of garbage traffic. That’s enough to kill the download speed of over 50,000 home internet connections in one hit.
Cloudflare posted about it on X, calling it a “world record” in intensity. Network operators say this was just one of many similar attacks in recent weeks. The attacks were short but massive—some only lasted seconds, likely just tests of the botnet’s full power.
The real danger is what these botnets are made of. Aisuru doesn’t use computers—it uses routers, smart TVs, and security cameras. Devices people forget, leave online, and rarely update. Once they’re hijacked, they become part of the army.
And once they’re part of a botnet, they’re locked in, only one botnet at a time. When the FBI removed the old malware, that opened the door for Aisuru to swoop in.
This comes right after prosecutors in August charged a 22-year-old man from Oregon for running a botnet that knocked X offline earlier this year. That attack showed how vulnerable even big platforms are to these kinds of cyberweapons. But what’s coming next looks a lot worse.
New botnets move from fraud to cyberwar
These aren’t just tech nuisances anymore. The new generation of botnets is being built using faster devices with stronger bandwidth, giving them far more muscle. Some experts say these networks can now be used to knock out internet access across entire countries.
Craig Labovitz, head of tech at Nokia’s Deepfield division, put it simply: “Before the concern was websites; now the concern is countries.” It’s already happened. The UK said Russia’s GRU launched DDoS attacks on Ukraine’s banks in 2022, just before its military invasion.
Now, criminal networks seem to be following that same playbook, but on a global scale. One network that Google killed earlier this year had grown from 74,000 Android TV devices in 2023 to over 10 million in just two years.
That made it the biggest known botnet made of smart TVs. Google said it was used to click billions of ads in a massive fraud scheme, but warned it could just as easily be turned into a weapon, either for ransomware or internet takedowns.
Meanwhile, another botnet called ResHydra is growing even bigger. Built from tens of millions of devices, ResHydra started with basic fraud but has now begun launching online attacks. Chris Formosa, a researcher at Lumen’s Black Lotus Labs, said that controlling a network of that size WOULD let someone “do extreme damage to a country.”
Until now, only big cloud services like Google Cloud and Amazon Web Services have been able to block most of these attacks. But even those defenses could fall if botnets like Aisuru or ResHydra get stronger or combine forces.
Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.
