A Brazilian anti-DDoS firm operated a botnet that launched sustained DDoS attacks against competing Brazilian ISPs, according to KrebsOnSecurity. The company's infrastructure facilitated the malicious traffic even though the company specializes in DDoS defense. The firm's CEO attributed the attacks to a security breach, claiming that a competitor infiltrated its systems to damage the company's reputation.

Defenders should treat this as a supply chain risk: a network protection vendor's compromised infrastructure becomes an attack vector against downstream clients and competitors. Organizations relying on this firm's services should immediately audit their traffic patterns and DDoS logs to identify anomalous activity during the attack window. Targeted ISPs should correlate attack signatures with known botnet command infrastructure to determine whether additional compromise occurred.

This case demonstrates how attackers can weaponize a security vendor's trusted position in network architecture. Companies providing DDoS mitigation must implement strict internal controls, network segmentation, and real-time anomaly detection to prevent misuse of their infrastructure. The investigation should establish whether the breach resulted from external exploitation or internal involvement.
