A Botnet Accidentally Destroyed I2P
3 days ago
- #Botnet
- #Cybersecurity
- #Anonymity Networks
- On February 3, 2026, the I2P anonymity network suffered a massive Sybil attack with 700,000 hostile nodes, overwhelming the network by a factor of 39 to 1.
- For three consecutive years (2023-2026), I2P faced Sybil attacks every February, initially suspected to be state-sponsored but later attributed to the Kimwolf botnet.
- The Kimwolf botnet, responsible for a record 31.4 Tbps DDoS attack in December 2025, accidentally disrupted I2P while attempting to use it as backup C2 infrastructure.
- I2P developers responded swiftly, releasing version 2.11.0 within six days, introducing post-quantum encryption (ML-KEM + X25519) by default, Sybil mitigations, SAMv3 API upgrades, and infrastructure improvements.