China-linked crews turn routers into covert attack proxies

"Anyone who is a target of China-nexus cyber actors may be impacted by the use of covert networks. The use of covert networks of compromised devices - also known as botnets - to facilitate malicious cyber activity is not new, but China-nexus cyber actors are now using them strategically, and at scale."
"China's Integrity Technology Group controlled and managed the so-called Raptor Train network, which in 2024 infected more than 200,000 devices worldwide, including small office home office (SOHO) routers, internet-connected web cameras and video recorders, plus firewalls and network-attached storage (NAS) devices."
"Volt Typhoon, the PRC-backed crew that the feds say burrowed deep into critical US networks to preposition for future destructive attacks, built its KV Botnet using mostly end-of-life Cisco and Netgear routers."
China-linked threat actors are increasingly using compromised routers and IoT devices to build proxy networks for cyber intrusions and data theft. A joint advisory from 10 countries warns that these covert networks, often referred to as botnets, are being used strategically and at scale. Some of the networks are maintained by Chinese information security companies, such as Integrity Technology Group, which managed the Raptor Train network. The FBI has linked this group to significant cyber intrusion activities, which underlines how extensively various China-linked groups use these networks for malicious purposes.
Read at Theregister