The US Justice Department announced on Thursday that a Canadian man has been arrested for operating the recently disrupted Kimwolf DDoS botnet.
The suspect, 23-year-old Jacob Butler of Ottawa, known online as ‘Dort’, is accused of administering the botnet and has been charged in the US on one count of aiding and abetting computer intrusion.
Butler has been arrested in Canada and the US is seeking his extradition. If found guilty, he faces up to 10 years in prison.
“Law enforcement allegedly connected Butler to the administration of the KimWolf botnet through IP address, online account information, transaction records, and online messaging application records obtained through the issuance of legal process,” the DoJ said.
In March, the Justice Department announced the disruption of several IoT botnets used to carry out DDoS attacks. One of them was Kimwolf, described as the Android-focused successor of a botnet named Aisuru, which was also targeted by authorities.
Kimwolf made headlines for abusing residential proxy networks to expand and for ensnaring approximately 2 million devices.
Aisuru and Kimwolf were both linked to a record-breaking DDoS attack that peaked at 31.4 Tbps.
When it announced the disruption of the botnets in March, the DoJ said law enforcement agencies in Canada and Germany also targeted botnet administrators and infrastructure, but did not say whether anyone had been arrested.
Butler may have been one of the individuals targeted in Canada at the time.
“In addition to Butler’s arrest, the Central District of California unsealed seizure warrants which targeted online services supporting 45 DDoS-for-hire platforms. These seizures broadly disrupted the DDoS platforms, including at least one that collaborated with Butler’s KimWolf botnet,” the DoJ said on Thursday.
Related: ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
Related: Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
Related: RedVDS Cybercrime Service Disrupted by Microsoft and Law Enforcement
