PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a botnet for malicious activities. Integrity Technology Group, a PRC-based company with government links, has controlled a botnet of over 260,000 devices since mid-2021. The botnet uses Mirai-based malware to hijack IoT devices and routers. Compromised devices span North America, South America, Europe, Africa, Southeast Asia and Australia. The actors may use the botnet to conceal identities for DDoS attacks or network compromises. Many affected devices are still vendor-supported. The botnet infrastructure allows registered users to manage and control victim devices, including sending DDoS and exploitation commands.

Author: AlienVault

Related Tags:
cve-2024-5217
cve-2023-50386
cve-2023-38646
cve-2023-37582
cve-2023-35843
cve-2023-38035
cve-2024-21762
cve-2023-35885
cve-2023-36542