On February 3, 2026, the I2P anonymity network was flooded with 700,000 hostile nodes in what became one of the most devastating Sybil attacks an anonymity network has ever experienced. For three consecutive years, I2P has been hit with Sybil attacks every February. The attacker was identified as the Kimwolf botnet, an IoT botnet that infected millions of devices including streaming boxes and consumer routers throughout late 2025. The operators admitted on Discord they accidentally disrupted I2P while attempting to use the network as backup command-and-control infrastructure after security researchers destroyed over 550 of their primary C2 servers. The I2P development team responded by shipping version 2.11.0 just six days after the attack began.