People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations

SUMMARY :

PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a botnet for malicious activities. Integrity Technology Group, a PRC-based company with government links, has controlled a botnet of over 260,000 devices since mid-2021. The botnet uses Mirai-based malware to hijack IoT devices and routers. Compromised devices span North America, South America, Europe, Africa, Southeast Asia and Australia. The actors may use the botnet to conceal identities for DDoS attacks or network compromises. Many affected devices are still vendor-supported. The botnet infrastructure allows registered users to manage and control victim devices, including sending DDoS and exploitation commands.

OPENCTI LABELS :

china,botnet,cyber espionage,ddos,mirai,iot,cve-2024-4577,routers,cve-2023-3519,cve-2023-46747,cve-2023-46604,cve-2024-29973,cve-2023-43478,cve-2023-3852,cve-2023-36844,network compromise,cve-2024-29269,cve-2023-36542,cve-2023-35885,cve-2024-21762,cve-2023-38035,cve-2023-35843,cve-2023-37582,cve-2023-38646,cve-2023-50386,cve-2024-5217,cve-2023-47218


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations