Aisuru Botnet Shifts From DDoS to Residential Proxies

The Aisuru botnet, previously known for launching distributed denial-of-service (DDoS) attacks, has evolved its operations to focus on hijacking residential internet connections to create a vast network of residential proxies. This shift marks a significant change in the botnet's modus operandi, leveraging compromised devices to mask malicious traffic and evade detection. Residential proxies offer cybercriminals a stealthier way to conduct various illicit activities, including data scraping, fraud, and evading geo-restrictions. The article details how Aisuru's operators have adapted their malware to exploit vulnerabilities in consumer devices, turning them into proxy nodes. This transition underscores the growing trend of botnets moving beyond traditional DDoS attacks to more sophisticated and profitable cybercrime ventures. Security experts emphasize the importance of securing home networks and IoT devices to prevent such compromises. The piece also highlights the challenges in detecting and mitigating residential proxy networks due to their decentralized and legitimate-appearing traffic patterns. Overall, the article provides an in-depth analysis of Aisuru's operational shift and its implications for cybersecurity defenses.

This Cyber News was published on krebsonsecurity.com. Publication date: Wed, 29 Oct 2025 00:55:21 +0000

Cyber News related to Aisuru Botnet Shifts From DDoS to Residential Proxies

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Aisuru Botnet Shifts From DDoS to Residential Proxies - The Aisuru botnet, previously known for launching distributed denial-of-service (DDoS) attacks, has evolved its operations to focus on hijacking residential internet connections to create a vast network of residential proxies. This shift marks a ...
2 weeks ago Krebsonsecurity.com Aisuru

DDoS Botnet “Aisuru” Blankets US ISPs in Record DDoS - In October 2025, a massive Distributed Denial of Service (DDoS) attack orchestrated by the botnet known as "Aisuru" targeted multiple Internet Service Providers (ISPs) across the United States, resulting in record-breaking traffic volumes and ...
1 month ago Krebsonsecurity.com

Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
1 year ago Helpnetsecurity.com

Cloudflare Scrubs Aisuru Botnet From Top Domains List - Cloudflare has recently taken decisive action to remove the Aisuru botnet from its top domains list, a significant move in the ongoing battle against botnet-driven cyber threats. The Aisuru botnet, known for its widespread impact and sophisticated ...
6 days ago Krebsonsecurity.com

The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
1 year ago Cybersecuritynews.com CVE-2023-44487 Cloak

Aisuru Botnet With 300,000 Hijacked Routers - The Aisuru botnet has emerged as a significant threat in the cybersecurity landscape, leveraging an astonishing network of over 300,000 hijacked routers worldwide. This botnet primarily targets vulnerable routers to create a massive distributed ...
1 month ago Cybersecuritynews.com

The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
1 year ago Cyberdefensemagazine.com

Police dismantles botnet selling hacked routers as residential proxies - Court documents show that the now-dismantled botnet infected older wireless internet routers worldwide with malware since at least 2004, allowing unauthorized access to compromised devices to be sold as proxy servers on Anyproxy.net and 5socks.net. ...
6 months ago Bleepingcomputer.com

How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
1 year ago Darkreading.com

MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet - MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals. This campaign was discovered by researchers at the AhnLab Security Emergency Response ...
1 year ago Bleepingcomputer.com

Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested - The US Justice Department announced on Wednesday that the massive 911 S5 proxy botnet has been dismantled and its alleged administrator, a Chinese national, has been arrested. The Treasury Department earlier this week announced sanctions against ...
1 year ago Packetstormsecurity.com

Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
1 year ago Feedpress.me

New Vo1d botnet variant infects 1.6 million Android TVs worldwide - A new variant of the Vo1d malware botnet has infected 1,590,299 Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. The Vo1d botnet is a multi-purpose cybercrime tool that turns compromised devices ...
8 months ago Bleepingcomputer.com

Vo1d malware botnet grows to 1.6 million Android TVs worldwide - A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. The Vo1d botnet is a multi-purpose cybercrime tool that turns compromised ...
8 months ago Bleepingcomputer.com

Hackers Breaking Internet with 7.3 Tbps and 4.8 Billion Packets Per Second DDoS Attack - The second quarter of 2025 has marked a historic milestone with the largest DDoS attack ever recorded, demonstrating the evolving nature of digital threats and the critical importance of robust cybersecurity infrastructure. The Q2 2025 data reveals a ...
3 months ago Cybersecuritynews.com

Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
1 year ago Helpnetsecurity.com

In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
1 year ago Darkreading.com

VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
1 year ago Itsecurityguru.org

Feds Disrupt Botnet Used by Russian APT28 Hackers - Federal law enforcement kicked Russian state hackers off a botnet comprising at least hundreds of home office and small office routers that had been pulled together by a cybercriminal group and co-opted by the state-sponsored spies. APT28, an ...
1 year ago Securityboulevard.com Fancy Bear APT28 Volt Typhoon

Stealthy KV-botnet hijacks SOHO routers and VPN devices - The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and ...
1 year ago Bleepingcomputer.com Volt Typhoon

DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
1 year ago Hackread.com

New botnet malware exploits two zero-days to infect NVRs and routers - A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution vulnerabilities to infect routers and video recorder devices. The malware hijacks the devices to make them part of its DDoS swarm, ...
1 year ago Bleepingcomputer.com

Russian admits building now-dismantled IPStorm proxy botnet The Register - The FBI says it has dismantled another botnet after collaring its operator, who admitted hijacking tens of thousands of machines around the world to create his network of obedient nodes. Sergei Makinin, a Russian and Moldovan national, was cuffed in ...
1 year ago Theregister.com

Stealthier version of P2Pinfect malware targets MIPS devices - The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS processors, such as routers and IoT devices. Due to their efficiency and compact design, MIPS chips are prevalent in embedded systems like routers, ...
1 year ago Bleepingcomputer.com CVE-2022-0543