Clearly, Mirai isn’t going away anytime soon, if ever, nor are DDoS attacks. In fact, Cloudflare reported a 53% increase in DDoS threats in 2024 over 2023 and a whopping 1,885% surge in attacks exceeding 1 Tbps, dubbed “hyper-volumetric” DDoS attacks, between the third and fourth quarters of 2024.
Aquabot advertised as DDoS-as-a-service
Akamai’s researchers found that Aquabotv3’s creators have been advertising the botnet as DDoS as a service through platforms including Telegram, under different names including Cursinq Firewall, The Eye Services, and The Eye Botnet.
They pointed out that threat actors commonly assert that the botnet is not harmful, and only intended for DDoS mitigation testing purposes (or red teaming). “Threat actors will claim it’s just a proof of concept (PoC) or something educational, but a deeper analysis shows that they are in fact advertising DDoS as a service, or the owners are boasting about running their own botnet,” Lefton and Cashdollar wrote.
