Massive DDoS intrusions pinned on Aisuru botnet

TurboMirai-class Internet of Things botnet Aisuru has been behind high-impact distributed denial-of-service attacks surpassing 20 Tbps primarily aimed at online gaming firms this month, Security Affairs reports.

With Aisuru's proprietary DDoS and multi-use features, threat actors could conduct not only artificial intelligence-based web scraping and spamming, but also phishing and credential stuffing intrusions, according to Netscout researchers. Additional findings showed attacks involving Aisuru and other TurboMirai-class botnets to be mostly single-vector and direct-path, with botnet traffic spoofing not apparent because of the bots' inadequate privileges and because of source-address validation.

Organizations have been urged to strengthen inbound and outbound DDoS traffic monitoring, as well as adopt more robust discovery, classification, and traceback tools.

"Comprehensive defense requires instrumentation of all network edges with outbound/crossbound suppression equal in priority to inbound mitigation. Intelligent DDoS mitigation systems (IDMSs), network infrastructure best current practices (BCPs) such as infrastructure ACLs (iACLs), and proactive remediation of abusable CPE are essential," said researchers.
