Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Canadian Arrested for KimWolf Botnet DDoS Scheme

Canadian Arrested for KimWolf Botnet DDoS Scheme

Posted on May 22, 2026 By CWS

Authorities in Canada and the United States have detained a 23-year-old Ottawa man, alleging his involvement in running ‘KimWolf’, a large-scale DDoS botnet. The operation reportedly targeted over a million Internet-of-Things (IoT) devices globally, including systems linked to the U.S. Department of Defense Information Network (DoDIN).

Details of the KimWolf Botnet

A criminal complaint in the District of Alaska unveiled charges against Jacob Butler, known online as ‘Dort’. He is accused of creating and managing the KimWolf botnet. This network was allegedly used for a DDoS-as-a-service scheme, renting out its attack power to other hackers.

Investigators claim KimWolf infiltrated consumer and small-office devices like digital photo frames and webcams, turning them into tools for a widespread attack framework. This botnet launched numerous high-volume DDoS campaigns globally, impacting DoDIN-associated IP addresses.

Impact and Legal Actions

KimWolf’s attacks reportedly reached peaks of nearly 30 Tbps, ranking among the largest recorded DDoS events. These attacks resulted in significant financial losses for some victims, exceeding a million dollars.

Butler was apprehended in Ottawa following a coordinated effort by the U.S. Department of Justice, the Defense Criminal Investigative Service (DCIS), and Canadian law enforcement. He faces charges of aiding and abetting computer intrusion in the U.S., with a potential maximum sentence of 10 years.

Global Crackdown on DDoS Networks

This arrest is part of a larger operation authorized in March 2026, which targeted multiple IoT DDoS botnets, including Aisuru, JackSkid, and Mossad. Authorities seized command-and-control infrastructure and issued warrants against 45 DDoS-for-hire platforms, redirecting their domains to a law-enforcement page cautioning against DDoS activities.

Evidence linking Butler to KimWolf was collected from IP addresses, online accounts, payment records, and encrypted messaging logs. The operation involved extensive collaboration across technology, hosting, security, and networking sectors, which helped in identifying and dismantling the botnet infrastructure.

Currently, Butler is in custody in Canada while U.S. authorities seek his extradition. The U.S. Attorney’s Office for the District of Alaska, DCIS, and the FBI Anchorage Field Office are leading the case prosecution.

Cyber Security News Tags:Botnet, Canada, criminal charges, cyber attack, Cybercrime, Cybersecurity, DDoS, Extradition, Hacking, Internet, IoT, Kimwolf, law enforcement, USA

Post navigation

Previous Post: Megalodon Campaign Targets Thousands of GitHub Repositories
Next Post: Exploring Vulnerable Drivers Without Hardware

Related Posts

CNCERT Accuses of US Intelligence Agencies Attacking Chinese Military-Industrial Units CNCERT Accuses of US Intelligence Agencies Attacking Chinese Military-Industrial Units Cyber Security News
OCRFix Botnet Trojan Uses Blockchain for Stealth Operations OCRFix Botnet Trojan Uses Blockchain for Stealth Operations Cyber Security News
Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials Cyber Security News
Top AWS Monitoring Tools for Optimal Cloud Performance Top AWS Monitoring Tools for Optimal Cloud Performance Cyber Security News
SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations Cyber Security News
Crunchyroll User Data Breach Exposes 100 GB of Information Crunchyroll User Data Breach Exposes 100 GB of Information Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Phishing Campaign Exploits AnyDesk for Espionage
  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Phishing Campaign Exploits AnyDesk for Espionage
  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark