Massive botnets target Russian companies

Russia faced a dramatic escalation in application-layer DDoS attacks in January 2026, with the intensity rising twentyfold compared with the same period last year, Russian media reports.

Peak attack traffic surged from 2.16 million requests per minute in January 2025 to 44.2 million requests per minute this year. The attacks occurred in short bursts, each lasting no more than one minute, and were attributed to the giant Aisuru and Kimwolf botnets.

The total number of attacks increased by 22% year-on-year, while the maximum number of attacks targeting a single resource also rose by 22%. The number of unique targeted resources grew by 14%, reflecting a broader scope of cyber threats.

Eight companies were repeatedly targeted in both periods analyzed, with the intensity of attacks on each significantly higher in 2026. Cybercriminals focused on sectors including education, fast food, e-commerce, media, and transportation, highlighting the wide-ranging nature of the threat.

By Vafa Guliyeva