Cloudflare Scrubs Aisuru Botnet from Top Domains List
14 days ago
- #cloudflare
- #cybersecurity
- #botnet
- Aisuru botnet domains have recently dominated Cloudflare's top website rankings, surpassing major companies like Amazon and Google.
- Cloudflare responded by redacting Aisuru domains from their rankings to address security and brand confusion concerns.
- The Aisuru botnet consists of hundreds of thousands of compromised IoT devices, capable of launching massive DDoS attacks.
- Aisuru switched from using Google's DNS servers to Cloudflare's, causing a surge in malicious domain queries.
- Cloudflare's CEO acknowledged the botnet's impact on their DNS service and rankings, promising improvements.
- Experts highlight the risks of malicious domains appearing in trusted rankings, affecting trust and safety determinations.
- A significant portion of Aisuru's DNS queries originate from the U.S., linked to IoT devices on major ISPs.
- The botnet primarily uses .su domains, a TLD associated with cybercrime and the former Soviet Union.
- Cloudflare has started hiding Aisuru domains from public rankings, though some still appear in downloadable data.
- Blocking .su domains is suggested as a crude but effective measure to detect Aisuru bot activity.
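The detection idea in the last bullet, as an added example that is not part of the original article: it scans resolver query logs and reports which internal clients looked up names under the .su TLD. The dnsmasq-style log format is an assumption, and every domain and address in the sample is constructed.

```python
import re
from collections import defaultdict

# Assumed dnsmasq-style query line: "... query[A] <name> from <client>"
QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)"
)

def is_su_domain(name):
    """True only when the right-most label is 'su'.

    Handles mixed case and a trailing root dot, and does not match names
    that merely contain 'su' elsewhere (su.example.org, notsu.example).
    """
    labels = name.lower().rstrip(".").split(".")
    return len(labels) >= 2 and labels[-1] == "su"

def su_queries_by_client(lines):
    """Map each client address to the set of .su names it queried."""
    hits = defaultdict(set)
    for line in lines:
        m = QUERY_RE.search(line)
        if m and is_su_domain(m.group("name")):
            hits[m.group("client")].add(m.group("name").lower().rstrip("."))
    return dict(hits)

# Constructed sample log lines; domains and addresses are placeholders.
SAMPLE_LOG = """\
Nov 10 12:00:01 dnsmasq[411]: query[A] www.example.com from 192.168.1.20
Nov 10 12:00:02 dnsmasq[411]: query[A] placeholder-one.su from 192.168.1.57
Nov 10 12:00:02 dnsmasq[411]: query[AAAA] Placeholder-Two.SU. from 192.168.1.57
Nov 10 12:00:03 dnsmasq[411]: query[A] su.example.org from 192.168.1.20
Nov 10 12:00:04 dnsmasq[411]: query[A] notsu.example from 192.168.1.33
Nov 10 12:00:05 dnsmasq[411]: reply www.example.com is 192.0.2.10
Nov 10 12:00:06 dnsmasq[411]: query[A] placeholder-one.su from 192.168.1.80
""".splitlines()

if __name__ == "__main__":
    for client, names in sorted(su_queries_by_client(SAMPLE_LOG).items()):
        print(f"ALERT {client} queried .su names: {', '.join(sorted(names))}")
```

Each flagged client is a lead for follow-up on that device, in keeping with the "crude" framing above.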