Operation Endgame has cleaned 14,971 compromised WordPress websites from the SocGholish malware network, which is attributed to the Russian cybercrime group Evil Corp.
The four-year-old Popa botnet, used to monetize compromised TV boxes, is traced technically and personally to the Israeli proxy provider NetNut (Alarum Technologies).
JDY is not a classical DDoS botnet, but rather an industrialized reconnaissance infrastructure that abuses edge devices as distributed scanners to identify targets before exploitation.
The alleged operator of the Kimwolf botnet was arrested after it compromised millions of IoT devices in six months and conducted record-breaking DDoS attacks reaching 30 terabits per second.
Dutch authorities have taken offline a botnet with 17 million infected devices and seized more than 200 supporting servers, striking a significant blow against cybercriminal infrastructure.
DDoS services are sold like commercial software subscriptions, with tiered pricing and support, showing advanced professionalization and significantly lowering the barrier to entry for potential attackers.