BotNet List 2025- 2026 2025 2024 2023 2021 2020 2019 2018
DATE | NAME |
Info | CATEG. |
WEB |
| 18.12.25 | Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks | A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top | BotNet | The Hacker News |
|
6.12.25 |
Aisuru botnet behind new record-breaking 29.7 Tbps DDoS attack | In just three months, the massive Aisuru botnet launched more than 1,300 distributed denial-of-service attacks, one of them setting a new record with a peak at 29.7 terabits per second. | BotNet | |
| 30.11.25 | New ShadowV2 botnet malware used AWS outage as a test opportunity | A new Mirai-based botnet malware named 'ShadowV2' has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. | BotNet | |
| 21.11.25 | Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows | Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute | BotNet | The Hacker News |
| 20.11.25 | Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses | Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP addresses. | BotNet | |
| 18.10.25 | Massive multi-country botnet targets RDP services in the US | A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. | BotNet | |
| 18.10.25 | RondoDox botnet targets 56 n-day flaws in worldwide attacks | A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. | BotNet | |
|
13.10.25 |
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors | Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to | BotNet | |
| 23.9.25 | ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service | Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The | BotNet | The Hacker News |
| 20.9.25 | SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers | A proxy network known as REM Proxy is powered by malware known as SystemBC , offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team | BotNet | The Hacker News |
| 14.9.25 | Hackers hide behind Tor in exposed Docker API breaches | A threat actor targeting exposed Docker APIs has updated its malicious tooling with more dangerous functionality that could lay the foundation for a complex botnet. | BotNet | |
| 25.8.25 | Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot | Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly | BotNet | The Hacker News |
| 24.8.25 | “Rapper Bot” malware seized, alleged developer identified and charged | The U.S. Department of Justice (DoJ) announced charges against the alleged developer and administrator of the "Rapper Bot" DDoS-for-hire botnet. | BotNet | |
| 20.8.25 | DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks | A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet | BotNet | The Hacker News |
| 12.8.25 | New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP | A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to | BotNet | The Hacker News |
| 20.7.25 | Google sues to disrupt BadBox 2.0 botnet infecting 10 million devices | Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company's advertising platforms. | BotNet | |
| 18.7.25 | Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices | Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX | BotNet | The Hacker News |
| 8.7.25 | RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks | Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers | BotNet | The Hacker News |
| 18.6.25 | New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks | Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix | BotNet | The Hacker News |
| 14.6.25 | New Mirai botnet infect TBK DVR devices via command injection flaw | A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. | BotNet | BleepingComputer |
| 10.6.25 | Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks | A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct | BotNet | The Hacker News |
| 1.6.25 | New PumaBot botnet brute forces SSH credentials to breach devices | A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads. | BotNet | |
| 1.6.25 | Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor | Over 9,000 ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys. | BotNet | BleepingComputer |
| 28.5.24 | New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto | Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot . Written in Go, the botnet is designed to conduct | BotNet | The Hacker News |
| 16.5.24 | New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors | Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as | BotNet | The Hacker News |
| 10.5.24 | BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation | A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected | BotNet | The Hacker News |