Who Benefited from the Aisuru and Kimwolf Botnets?

ID: c15913be-1873-5dbc-88b8-3df26761a51d

STIX ID: report--c15913be-1873-5dbc-88b8-3df26761a51d

Feed Name: Krebs on Security

Threat Score: 78/100

Date Published: 2026-01-08

Date Updated: 2026-04-19

Author: BrianKrebs

Kimwolf (and its predecessor Aisuru) is a large-scale botnet that has mass-compromised millions of unofficial Android TV streaming boxes to run DDoS attacks and provide residential proxy services. The investigation links the botnet to specific operators and commercial services (Resi Rack, Plainproxies/ByteConnect, Maskify, 3XK Tech) and identifies infrastructure (e.g., IP 93.95.112.59) and abuse patterns (credential stuffing, ad fraud, scraping). It also documents attacker resilience measures such as using Ethereum Name Service (ENS) for dynamic control-server discovery. Owners of impacted devices are advised to remove vulnerable boxes from their networks.