New, from me: Alleged Kimwolf Botmaster 'Dort' Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a volley of DDoS, doxing and swatting campaigns against this author and a security researcher. He now faces criminal hacking charges in both Canada and the United States.

https://krebsonsecurity.com/2026/05/alleged-kimwolf-botmaster-dort-arrested-charged-in-u-s-and-canada/

#botnet #ddos #kimwolf #cybercrime

Alt...

An excerpt from the criminal complaint against Butler, detailing how he ordered a swatting attack against Ben Brundage, the founder of the security firm Synthient. In this image, Dort (aka "Meow" here) posts an image of a door and claims credit for a swatting attack against the founder of Synthient. The title of discord server where this takes place is /krebs.

New, by me: Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.

https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/

#ddos #tplink #hugenetworks #brazil

Alt...

A black Archer AX21 router from TP-Link. Image: tp-link.com. Six green LEDs are lit and there are four black antennae sticking up vertically from the back.

👩🏻‍💻 my so-called sudo life - day 497: Mastodon stampede edition 🐘​

Dear Fedi friends,

You may remember how last year I was dealing with self-DDoS attacks every time I shared a link to my Wordpress or Ghost sites. Well, I solved the issue with Ghost (#VinylCache is brilliant) but I never found a solution for my Wordpress site... not even with #BunnyCDN. I guess I wasn't tweaking the right settings.

This is a pity because TBH the ActivityPub for Wordpress plugin is SO COOL and works flawlessly. I had to move my blog posts to Ghost and keep Wordpress as a static portfolio site. That being said, I never dared share links to my Wordpress site anymore because I would get about 4000 requests within 60 seconds and everything would freeze.

I just looked into #BunnyCDN's settings again and tried to tweak them. So please bear with me for an experiment, sharing an old blog post and seeing what happens.

Wish me luck!

From the archives:

https://elenarossini.com/2025/01/my-so-called-sudo-life-time-matters/

#BuyEuropean #CDN #DDOS #MastodonHugofDeath #MastodonStampede #Wordpress #blog #MySoCalledSudoLife

Non ! Ce n'est pas le réseau décentralisé qui vacille, mais juste une instance du réseau...
Mastodon subit une attaque DDoS massive, le réseau décentralisé vacille

https://www.generation-nt.com/actualites/mastodon-serveur-attaque-ddos-massive-2074379

#Mastodon #Fédivers #DDoS #Décentralisation #MastodonDotSocial

News: Techcrunch | Mastodon says its flagship server was hit by a DDoS attack

"The millions of malicious requests it has seen are consistent with the pattern of a distributed Denial of Service attack."

The attack was mitigated within 2 hours.

“This is a case where the decentralized nature of the Fediverse is a true advantage... Users with accounts on other Mastodon (or any other Fediverse) servers were completely unaffected... "

https://techcrunch.com/2026/04/20/mastodon-says-its-flagship-server-was-hit-by-a-ddos-attack/

#Mastodn #DDoS

RE: https://mastodon.social/@blogdiva/116437993442833475

ok am done with this thread on the meaning of a #DDoS and why instead of pooh-poohing Mastodon-the-software, and Mastodon-dot-social we should be using them as roadmaps for building a sustainable #fediverse

your auntifa liza 🇵🇷 🦛 🦦 » 🌐 2026-04-20 / 2026-04-20
@blogdiva@mastodon.social

RE: https://macaw.social/@andypiper/116436859213678675

A DDoS MEANS DOT-SOCIAL *IS* A NEWS SOURCE

popularity isn’t the №1 reason a site is DDoSed. TRUST IN THE VERACITY OF YOUR INFORMATION is why you get attacked.

back in the day, one of my sites became popular in India as a source of reproductive rights info. was DDoSed for days until it was blacklisted on Google-India and added to corporate web filters. why? because my readers trusted me in giving them accurate info.

a DDoS is #warfare against #trust #veracity and the truth

🧵…

Pep boosted

Andy Piper » 🌐 2026-04-20
@andypiper@macaw.social

mastodon.social is currently undergoing a major Denial of Service (DDOS) incident. The team is working on this as a matter of priority. Thank you for your patience!

#Mastodon #Mastoadmin

https://status.mastodon.social/cmo730jrm05ailojla22drifc

#FLOSS is a start, not an endpoint. there is no point to FLOSS if only rich people, governments and businesses can run it. #DDoS warefare will escalate as the fediverse grows with more news hubs & places for political organizing.

Mastodon-the-FLOSS-project and Mastodon-the-websites are roadmaps for success in the #fediverse.

whatever legal, accounting, business development tools they have available, we need similar on a fediverse scale for new & old instances to exist & thrive.

/🧵

which brings me back to the purpose of a #DDoS: the target’s #bankruptcy.

the constant attacks won't keep you offline if you have othe IPs to move to. what they do accomplish is to make it too expensive to be online.

this is the Achilles Heel of not just the #fediverse but the free & independent internet: if your site becomes trustworthy, you will incur violence at the server level that could bankrupt you.

🧵…

#Mastodon dot-social is confused with the #fediverse because one of its strengths is how well it manages tags.

you can tell @MastodonEngineering focused on optimizing hashtags when they didn't have the server power needed for search. you can easily find info, people & communities with little server power.

so Mastodon.social is the target of #DDoS #warfare because it is the site where you can see what’s possible with #ActivityPub & that is not controlled by #techbros billionaire parasites 🧵…

wouldn’t be shocked if the #DDoS is related to the EU Citizens Initiative to suspend the bilateral agreement with #Israel:
https://mastodon.social/@blogdiva/116432072206493360

the PM of #Spain, Pedro Sánchez will be asking tomorrow the @EUCommission to take up the initiative

the ECI is often described as just #clicktivism. bootlickers love it as easy to discount and manipulate on centralized, billionaire-owned, corporate social platforms.

but the #fediverse & especially #Mastodon are a monkey wrench on that

🧵…

Okay mastodon.social seems to be hit by a DDoS Attack. But in contrast to Bluesky, where whole network is down when the main instance has a hiccup,  the impact for me is limited. Thats the strength of real decentralisation!
#ddos #mastodonsocial #decentralisation #fediverse

#Europol a envoyé 75 000 messages d'avertissement à des pirates #DDoS dans 21 pays à la fois. Europol livre les premiers résultats de l'opération mondiale menée contre les #cyberattaques de type DDoS. Vingt et un pays ont uni leurs forces pour cibler 75 000 utilisateurs criminels à travers le monde.
https://www.clubic.com/actualite-609352-europol-a-envoye-75000-messages-d-avertissement-a-des-pirates-ddos-dans-21-pays-a-la-fois.html

Achtsamkeits-Programm für ausgebrannte Server

Präventionsmaßnahmen sollen Server vor stressbedingten Abstürzen schützen.

#scraping #DDoS #KI #Hamsterrad #Linux

https://gnulinux.ch/achtsamkeits-programm-fuer-ausgebrannte-server

⋅ Gcore Radar report reveals 150% surge in DDoS attacks year-on-year

− https://cybersecuritynews.com/gcore-radar-report-reveals-150-surge-in-ddos-attacks-year-on-year/

#InfoSec #Ddos

This is why we can't have nice things

Landing page of Notabug.org right now

#aislop #ddos #Notabug

Alt...

The landing page for Notabug,org in 19 March 2026. The signature spider mascot is shown belly up, as if dead with the following message: "Due to relentless AI scrapers notabug.org is currently down. We are attempting to come up with a solution to this problem. Currently repositories are available via git access. If you know the git+ssh url of a repository you can now clone it again." Luckily, I do have access via SSH.