Over 3 million IoT devices — including web cameras, DVRs, and WiFi routers from unspecified manufacturers — were compromised into four DDoS-for-hire botnets (Aisuru, KimWolf, JackSkid, Mossad) via default or weak credentials and insecure network service configurations, enabling a recorded peak attack of 31.4 Tbps. Law enforcement C2 takedowns disrupted the botnets but did not remediate device-level compromise, leaving the infected endpoint population at risk of re-enrollment into successor botnets. Immediate action: audit internet-facing IoT devices for default credentials, segment IoT devices onto isolated VLANs with egress filtering, and review DDoS resilience posture against multi-Tbps volumetric attack scenarios.