Reaper Botnet

Security Researchers from Future’s Insikt Threat Intelligence Research Group are reporting* that the DDoS attacks that targeted the Netherlands financial sector in January was the first known use of IoTroop – also known as the Reaper Botnet, a variant of Mirai. The initial attack was a DNS amplification attack with traffic volumes peaking at 30Gs according to Insikt. Andrew Lloyd, President of Corero commented below.

Andrew Lloyd, President at Corero:

“While the reported amplitude of the attack (at 30Gbps) was nowhere close to record-breaking, it is still higher than most of the DDoS attacks that we see. Corero’s latest DDoS Trends Report* found that 96% of DDoS attacks were less than 5Gbps and only 1% above 10Gbps. In our experience, even the largest banks and financial institutions often have a protection gap within their DDoS defenses where short-duration, modest amplitude attacks go undefended.”

ISBuzz Team

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

ISBuzz Team

Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground

Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts

Why OSINT deserves the same status as other intelligence disciplines

Working With Us

Write For Us

The Pages

Reaper Botnet

ISBuzz Team

Related Posts

Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground

Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts

Why OSINT deserves the same status as other intelligence disciplines