BotNet List - 2026 2025 2024 2023 2021 2020 2019 2018
DATE | NAME |
Info | CATEG. |
WEB |
| 5.2.26 | 2025 Q4 DDoS threat report: A record-setting 31.4 Tbps attack caps a year of massive DDoS assaults | Welcome to the 24th edition of Cloudflare’s Quarterly DDoS Threat Report. In this report, Cloudforce One offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the fourth quarter of 2025, as well as share overall 2025 data. | BotNet | CLOUDFLARE |
| 5.2.26 | AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack | The distributed denial-of-service ( DDoS ) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per | BotNet | The Hacker News |
| 3.2.26 | Aisuru botnet sets new record with 31.4 Tbps DDoS attack | The Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack in December 2025, peaking at 31.4 Tbps and 200 million requests per second. | BotNet | |
| 14.1.26 | Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers | The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early | BotNet | The Hacker News |
| 12.1.26 | GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials | A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that's capable of brute-forcing user | BotNet | The Hacker News |
| 10.1.26 | Kimwolf Android botnet abuses residential proxies to infect internal devices | The Kimwolf botnet, an Android variant of the Aisuru malware, has grown to more than two million hosts, most of them infected by exploiting vulnerabilities in residential proxy networks to target devices on internal networks. | BotNet | |
| 6.1.26 | Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks | The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved | BotNet | The Hacker News |
| 3.1.26 | RondoDox botnet exploits React2Shell flaw to breach Next.js servers | The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. | BotNet | |
| 2.1.26 | RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers | Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. | BotNet | The Hacker News |