Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Hilariously, a user by the name “Richard Remington” briefly appeared in the group’s Telegram server to post a crude “Happy New Year” sketch that claims Dort and Snow are now in control of 3.5 million devices infected by Aisuru and/or Kimwolf. Richard Remington’s Telegram account has since been deleted, but it previously stated its owner operates a website that caters to DDoS-for-hire or “stresser” services seeking to test their firepower. The sketch is done in blue pen ink on a white composition notebook held sideways, so that the lines are vertical. If includes several childish stick figure drawings depicting people allegedly tied to Aisuru and Kimwolf, and in the center are two hands clasped, with one hand labeled "Snow" and the other "Dort."

Download link

Hilariously, a user by the name “Richard Remington” briefly appeared in the group’s Telegram server to post a crude “Happy New Year” sketch that claims Dort and Snow are now in control of 3.5 million devices infected by Aisuru and/or Kimwolf. Richard Remington’s Telegram account has since been deleted, but it previously stated its owner operates a website that caters to DDoS-for-hire or “stresser” services seeking to test their firepower. The sketch is done in blue pen ink on a white composition notebook held sideways, so that the lines are vertical. If includes several childish stick figure drawings depicting people allegedly tied to Aisuru and Kimwolf, and in the center are two hands clasped, with one hand labeled "Snow" and the other "Dort."
https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/862/126/029/526/354/original/06dd57aadbcb77d0.png

Notices where this attachment appears

Embed this notice
BrianKrebs (briankrebs@infosec.exchange)'s status on Friday, 09-Jan-2026 09:28:01 JST BrianKrebs

New, by me:
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators and services that appear to have benefitted from Kimwolf’s spread.
https://krebsonsecurity.com/2026/01/who-benefited-from-the-aisuru-and-kimwolf-botnets/
For part one in this series, check out:
https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-network/

In conversation about 5 months ago from infosec.exchange permalink