A Brazilian DDoS protection firm, Huge Networks, has been linked to a botnet conducting large-scale DDoS attacks against Brazilian ISPs. An exposed file archive revealed Python attack scripts, private SSH keys belonging to CEO Erick Nascimento, and evidence of mass-scanning for vulnerable TP-Link Archer AX21 routers (CVE-2023-1389) to build a Mirai-based botnet. The botnet used DNS reflection/amplification techniques targeting only Brazilian IP ranges. Nascimento denies orchestrating the attacks, attributing the activity to a January 2026 security breach of development servers and a personal SSH key leak, and claims a competitor is responsible. The pattern echoes a 2017 case where Mirai's authors ran a DDoS mitigation firm while using the botnet to attack clients.
Sort: