Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

**Executive Summary:** KrebsOnSecurity obtained an exposed archive showing that Huge Networks was compromised and that leaked SSH keys and infrastructure were used to build a Mirai-derived botnet exploiting CVE-2023-1389 in TP-Link Archer AX21 routers to perform large DNS amplification DDoS attacks against Brazilian ISPs; the company reports a January 2026 intrusion, has rotated keys and engaged third-party forensics, and the archive contains malicious scripts, control domains, and scanning infrastructure.