Anti-DDoS Firm Heaped Attacks on Brazilian ISPs – Krebs on Security

Staff Editor 2026-04-30
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs – Krebs on Security

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs – Krebs on Security

https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/

Publish Date: 2026-04-30 10:12:00

Source Domain: krebsonsecurity.com

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.

An Archer AX21 router from TP-Link. Image: tp-link.com.

For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs. Until recently, it was less than clear who or what was behind these digital sieges. That changed earlier this month when a trusted source who asked to remain anonymous shared a curious file archive that was exposed in an open directory online.

The exposed archive contained several Portuguese-language malicious programs written in Python. It also included the private SSH authentication keys belonging to the CEO of Huge Networks, a Brazilian ISP that primarily offers DDoS protection to other Brazilian network operators.

Founded in Miami, Fla. in 2014, Huge Networks’s operations are centered in Brazil. The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider. It does not appear in any public abuse complaints and is not associated with any known DDoS-for-hire services.

Nevertheless, the exposed archive shows that a Brazil-based threat actor maintained root access to Huge Networks infrastructure and built a powerful DDoS botnet by routinely mass-scanning the Internet for insecure Internet routers and unmanaged domain name system (DNS) servers on the Web that could be enlisted in attacks.

DNS is what allows Internet users to reach websites by typing familiar domain names instead of the associated IP addresses. Ideally, DNS servers only…

Source

More Stories

Mountain Rides resolves cybersecurity threat | Transportation

Mountain Rides resolves cybersecurity threat | Transportation

Staff Editor 2026-06-05
NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

Staff Editor 2026-06-05
Ashley Devoto Named Air Force CIO

Ashley Devoto Named Air Force CIO

Staff Editor 2026-06-05

Terms and Conditions - Privacy Policy