A Brazilian anti-DDoS firm operated infrastructure that powered botnet attacks targeting competing Brazilian ISPs. KrebsOnSecurity confirmed the company's systems directly enabled the distributed denial-of-service campaign. The firm's CEO attributed the malicious activity to a security breach and claimed a competitor orchestrated the attacks to damage his company's reputation.
The disclosure raises questions about the firm's network defenses, given its core business centers on DDoS mitigation. An attacker or insider gained sufficient access to weaponize the company's infrastructure against rival network operators. The campaign demonstrates how specialized security vendors can become force multipliers if compromised. Defenders relying on third-party DDoS protection services should audit vendor security postures, require transparency on breach response timelines, and diversify providers where feasible. The incident also suggests competitive sabotage motives in Brazil's ISP market, where reputational damage from associated botnet activity carries commercial weight.