Kimwolf Botnet Swamps Anonymity Network I2P
ID: 317353d5-2f0c-5b11-9f82-d54bbc3627d7
STIX ID: report--317353d5-2f0c-5b11-9f82-d54bbc3627d7
Feed Name: Krebs on Security
The Kimwolf IoT botnet, which has infected millions of poorly secured devices, has been actively used for large-scale DDoS attacks. It recently attempted to use anonymity networks (notably I2P, with Tor also tested) as fallback command-and-control channels. Around February 3, a massive number of Kimwolf-infected routers (reportedly hundreds of thousands) tried to join I2P, overwhelming and degrading the network (a Sybil-like impact) and revealing the botnet operators' experiments to harden C2 resilience. The botnet has also previously manipulated DNS usage to affect major domains and appears to be actively evolving.
