Kimwolf Botmaster 'Dort' Linked to Cybercrime Activities

First reported

28.02.2026 14:01

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

A security researcher disclosed a vulnerability in January 2026 that was used to build the Kimwolf botnet, the world's largest and most disruptive botnet. The botmaster, known as 'Dort,' has been linked to various cybercrime activities, including DDoS attacks, doxing, and email flooding. Dort has also been connected to the cybercrime group LAPSUS$ and has used multiple aliases such as 'CPacket' and 'M1ce.' The investigation reveals Dort's involvement in Minecraft cheating software and the development of tools for bypassing CAPTCHA services and creating temporary email addresses. Dort's real identity is suspected to be Jacob Butler, a resident of Ottawa, Canada.

Timeline

28.02.2026 14:01 1 articles · 2h ago

Kimwolf Botmaster 'Dort' Linked to Cybercrime Activities
In January 2026, a security researcher disclosed a vulnerability that was used to build the Kimwolf botnet. The botmaster, known as 'Dort,' has been linked to various cybercrime activities, including DDoS attacks, doxing, and email flooding. Dort has also been connected to the cybercrime group LAPSUS$ and has used multiple aliases such as 'CPacket' and 'M1ce.' The investigation reveals Dort's involvement in Minecraft cheating software and the development of tools for bypassing CAPTCHA services and creating temporary email addresses. Dort's real identity is suspected to be Jacob Butler, a resident of Ottawa, Canada.
Show sources

Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01
Open in new tab

Information Snippets

Dort, the Kimwolf botmaster, has been active since at least 2017 under various aliases.
First reported: 28.02.2026 14:01

1 source, 1 article
Show sources
- Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01
Dort used the email address [email protected] to create accounts on multiple cybercrime forums.
First reported: 28.02.2026 14:01

1 source, 1 article
Show sources
- Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01
Dort was involved with the cybercrime group LAPSUS$ in 2022, offering services for temporary email addresses and CAPTCHA bypass tools.
First reported: 28.02.2026 14:01

1 source, 1 article
Show sources
- Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01
Dort's real identity is suspected to be Jacob Butler, based on email addresses and domain registrations.
First reported: 28.02.2026 14:01

1 source, 1 article
Show sources
- Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01
Dort has targeted security researchers and journalists with DDoS attacks, doxing, and swatting.
First reported: 28.02.2026 14:01

1 source, 1 article
Show sources
- Who is the Kimwolf Botmaster “Dort”? — krebsonsecurity.com — 28.02.2026 14:01