Kimwolf Botnet Swamps Anonymity Network I2P(krebsonsecurity.com)
krebsonsecurity.com
Kimwolf Botnet Swamps Anonymity Network I2P
https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/
17 comments
The ISPs simply don't care, I think. I have several million unique botnet IPs hitting my server, and I'm not sure how I could let the ISPs or users know they're infected - I contacted those that originated from my country, but 3 out of 4 of them ignored my mail to the abuse contact. I imagine the situation is several magnitudes worse for people with more prominent domains.
ISPs do care. They typically have a standard procedure where they will contact the customer if they receive structural complaints, indicating an actual botnet infection. It's also very typical to not receive a response to abuse complaints, even though they do log it.
We need regulation requiring ISPs to care. In the US they will severely reduce your speeds (if not outright cancel your account) over repeated DMCA complaints so why can't they do the same for reported botnet activity?
I guess logistically they'd need a way to assess if the problem had been resolved though. It would be pretty challenging to validate reports and then follow up on them in an automated manner. There's not going to be much budget for this after all. Still you'd think it could be done for the largest (and thus well understood) botnets.
I guess logistically they'd need a way to assess if the problem had been resolved though. It would be pretty challenging to validate reports and then follow up on them in an automated manner. There's not going to be much budget for this after all. Still you'd think it could be done for the largest (and thus well understood) botnets.
DMCA complaints are generally something the user chose to do. Most users aren't choosing to participate in botnets. I'm not sure it's appropriate to punish users like this for something that isn't their fault and that they likely won't know how to fix.
When my house catches on fire I probably don't have the tools to put it out, but I am obligated to call the fire department before it burns down the neighborhood.
If your house catches fire because an electrician fucked up, and it catches other houses on fire, are you responsible for it?
Not to mention that, while you may be responsible for calling it in, you are certainly not responsible for fighting it yourself
Not to mention that, while you may be responsible for calling it in, you are certainly not responsible for fighting it yourself
Why not? It wouldn't be acceptable in any other context - like running a lawn mower that spits oil onto your neighbor's lawn.
DMCA requests lead to legal consequences for ISP's in extreme cases. Botnets meanwhile there's no "lobby groups" that are directly impacted enough to 'care' at a financial level
I agree it does require regulation. There would be better odds for regulations in the US if you could show that regulating ISPs can help funnel taxpayer money to billionaires and their grifting cronies. The US has a history with ISPs, they were given fat subsidies to build out their networks and then they did not do that.
> The Kimwolf botmaster openly discusses what they are doing with the botnet in a Discord channel with my name on it.
Wild times we are living in
Wild times we are living in
If the malicious nodes are properly participating in the network, shouldn't it be a net positive for I2P?
I don't expect them to be traffic-heavy, if it's just the control plane.
I don't expect them to be traffic-heavy, if it's just the control plane.
The article is vague, but another downside to the proliferation of "smart" home appliances?
That is disingenuous.
It is a downside to the proliferation of poorly secured devices. Your nebulous statement could be applied to anything.
It is a downside to the proliferation of poorly secured devices. Your nebulous statement could be applied to anything.
Absolutely, but empirical evidence shows that IoT devices are far and large vulnerable way more often than other types of devices on most networks, because modern smartphones are pretty well secured and many users that are less tech-savvy are abandoning their bloatware-ridden Windows notebooks for Android-based or iOS-based tablets.
In my opinion, this shows a lack of accountability in the industry as a whole over security issues on devices. Ultimately, this won't change unless tight legislation is passed to punish or prevent insecure IoT devices (however you would like to measure that) or unless companies actually start to become accountable for releasing insecure software and hardware, losing out on future sales, which requires a cultural shift in how most people think about appliances and computing as a whole.
In my opinion, this shows a lack of accountability in the industry as a whole over security issues on devices. Ultimately, this won't change unless tight legislation is passed to punish or prevent insecure IoT devices (however you would like to measure that) or unless companies actually start to become accountable for releasing insecure software and hardware, losing out on future sales, which requires a cultural shift in how most people think about appliances and computing as a whole.
Shouldnt this be fantastic news? a list of 700K IPs with infected devices ready for distribution to affected ISPs who can turn off internet until users fix their crap.