Brazilian Anti-DDoS Firm Exposed as Botnet Operator

A Brazilian technology firm that markets itself as a specialist in mitigating distributed denial-of-service (DDoS) attacks has been uncovered as the operator of a botnet responsible for extensive campaigns targeting Brazilian Internet service providers (ISPs). The firm, which provides DDoS protection services, was found to have been covertly controlling a network of compromised devices to execute the very attacks it claimed to prevent.

Security researchers traced the malicious activity to the firm after analyzing traffic patterns from recent attacks. The botnet, consisting of hundreds of thousands of compromised IoT devices, such as routers and IP cameras, was capable of launching massive DDoS attacks. The campaign, which lasted several months, disrupted services for multiple major ISPs in Brazil, affecting hundreds of thousands of customers. The attacks employed standard DDoS techniques, including UDP flooding and amplification methods, exploiting unpatched IoT firmware.

This incident underscores the risks in the cybersecurity supply chain, where organizations may inadvertently or maliciously become sources of threats. Cybersecurity experts have warned that such betrayals of trust can have far-reaching consequences for internet infrastructure. The firm has declined to comment, and Brazilian authorities are investigating the matter. Users are urged to secure their IoT devices with strong passwords and regular firmware updates to mitigate such threats.