In a nutshell: The Brazilian DDoS protection company Huge Networks allegedly operated a botnet over many years to carry out large-scale attacks on other ISPs. This was uncovered through leaked files and SSH keys belonging to the company founder.
A Brazilian cybersecurity company specializing in defending against DDoS attacks allegedly operated its own botnet. For years, it conducted large-scale DDoS attacks on other Brazilian internet providers – a case of irony that has now been revealed through leaked files.
Brazilian cybersecurity firm Huge Networks, known for its DDoS protection service, has become the focus of new scandal reporting from KrebsOnSecurity. The company allegedly operated a botnet over several years that deliberately carried out large-scale DDoS attacks targeting other Brazilian internet service providers.
The CEO of Huge Networks attributes the malicious activities to a security breach that may have been caused by a competitor to damage his company. Security researchers had long observed a wave of DDoS attacks from Brazil targeting exclusively Brazilian ISPs, but the origin and motivation remained unclear for a long time.
The breakthrough came early this month when an anonymous but reliable source provided a suspicious file archive that had been left in a publicly accessible online directory. The archive contained several malware tools written in Python with Portuguese-language comments and the private SSH keys of the Huge Networks CEO. The company, originally founded in 2014 in Miami, Florida, later relocated its operations to Brazil.