A Brazilian cybersecurity company focused on defending networks against distributed denial-of-service (DDoS) attacks has itself been operating a botnet that carried out a prolonged series of large-scale DDoS assaults on other Brazilian network providers, according to KrebsOnSecurity. The company’s CEO stated that the harmful actions stemmed from a security breach, most likely orchestrated by a rival aiming to damage his firm’s reputation. An Archer AX21 router from TP-Link. Billede fra TP-Link. For several years now, security researchers have been monitoring a wave of large-scale DDoS attacks that originate in Brazil and exclusively target Brazilian Internet service providers. Until recently, the identities and motives behind these digital attacks remained unclear. Earlier this month, the situation shifted after an anonymous but reliable source provided a suspicious file archive that had been left exposed in a publicly accessible online directory. The archive included multiple Portuguese-language malware tools written in Python. It also contained the private SSH keys of the CEO of Huge Networks, a Brazilian ISP best known for providing DDoS protection to other Brazilian network operators. The company was founded in Miami, Florida. In 2014, Huge Networks based its operations in Brazil.
Krebs on Security