An IoT botnet has been orchestrating large-scale DDoS attacks globally since late 2024, targeting companies in Japan and other countries. The botnet, comprising Mirai and Bashlite variants, infects IoT devices by exploiting vulnerabilities and weak credentials. It uses various DDoS attack methods, can update malware, and enable proxy services. Attack targets are geographically dispersed, with a focus on North America and Europe. The primary infected devices are wireless routers and IP cameras from well-known brands. The botnet's infection process includes downloading and executing malware payloads that connect to C&C servers for attack commands. Different command usage patterns were observed between domestic and international targets, impacting various industry sectors.