Aisuru Botnet Shifts from DDoS to Residential Proxies
Original Article Summary
Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of…
Read full article at Krebs on Security✨Our Analysis
Aisuru's shift from DDoS attacks to renting hundreds of thousands of infected Internet of Things (IoT) devices as residential proxies marks a significant change in the botnet's operation. This shift means that website owners can expect a potential increase in AI bot traffic that is more difficult to detect and block, as the compromised devices will be used to route traffic through residential IP addresses, making it harder to distinguish between legitimate and botnet traffic. To prepare for this change, website owners should take the following steps: review and update their llms.txt files to ensure they are blocking known Aisuru botnet IP addresses, implement more advanced bot detection methods that can identify traffic coming from compromised IoT devices, and monitor their website's traffic patterns closely to quickly identify and respond to any suspicious activity.
Related Topics
Track AI Bots on Your Website
See which AI crawlers like ChatGPT, Claude, and Gemini are visiting your site. Get real-time analytics and actionable insights.
Start Tracking Free →
