A major cybercrime investigation by authorities in the United States and Canada has led to the arrest of a man accused of helping run the KimWolf botnet. Officials confirmed that the operation was linked to several cyberattacks carried out worldwide. The arrest was made after investigators tracked the activities of the botnet for months. Authorities described the case as one of the biggest recent actions against DDoS-for-hire services.

According to investigators, the suspect has been identified as 23-year-old Jacob Butler from Ottawa, Canada. Authorities say he used the online alias “Dort” while allegedly operating within the cybercrime network. Canadian police arrested him under an extradition request made by the United States. He is expected to face computer intrusion-related charges in U.S. court.

Officials say KimWolf was a powerful Distributed Denial-of-Service botnet used to launch cyberattacks on websites and networks. The malware reportedly infected devices such as webcams, Android TV systems, digital photo frames, and other smart devices connected to the internet. Once infected, these devices secretly became part of a remotely controlled attack network. Many device owners reportedly had no idea their systems had been compromised.

Investigators believe the operators rented access to the botnet to customers who wanted to launch DDoS attacks. Authorities say the service allowed users to target websites, online platforms, and networks around the world. Some of the attacks were reportedly aimed at systems connected to the U.S. Department of Defense Information Network. Officials believe the operation worked as a cybercrime-as-a-service platform.

The U.S. Department of Justice stated that attacks linked to KimWolf reached nearly 30 terabits per second. Authorities described this as one of the largest DDoS attack volumes ever recorded. Investigators also said the botnet issued more than 25,000 attack commands during its operation. Some victims reportedly suffered financial losses of more than one million dollars because of these attacks.

Court documents show investigators connected Butler to the alleged operation using digital evidence collected during the investigation. Authorities reportedly traced IP address data, online accounts, transaction records, and online messages linked to the network. Investigators believe this evidence directly connected him to the botnet activities. If convicted, he could face up to 10 years in prison.

Reports also linked KimWolf to another major botnet known as Aisuru. Investigators believe these networks infected millions of devices by targeting weakly protected internet-connected systems. Authorities said residential proxy networks were also abused to expand the operation’s reach. Some estimates suggest that more than three million devices worldwide may have been affected.

Earlier this year, international law enforcement agencies carried out operations targeting KimWolf and several other botnets, including Aisuru, JackSkid, and Mossad. Authorities reportedly seized command-and-control servers used to manage the attacks. Some domains connected to the services were redirected to warning pages informing visitors about illegal DDoS-for-hire operations. Cybersecurity experts say the case highlights the growing danger of IoT-based botnets and global cybercrime networks.

Stay alert, and keep your security measures updated!

Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news