216.73.216.197

People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations

· Published 02/10/2024 12:14 · Modified 02/10/2024 13:00

Export JSON

Essential information

Published
02/10/2024 12:14
Modified
02/10/2024 13:00
Tags
2024-10-02 CVE-2023-3519 CVE-2023-35843 CVE-2023-35885 CVE-2023-36542 CVE-2023-36844 CVE-2023-37582 CVE-2023-38035 CVE-2023-3852 CVE-2023-38646 CVE-2023-43478 CVE-2023-46604 CVE-2023-46747 CVE-2023-47218 CVE-2023-50386 CVE-2024-21762 CVE-2024-29269 CVE-2024-29973 CVE-2024-4577 CVE-2024-5217 botnet china cyber espionage ddos iot mirai network compromise routers
Related entities
66 vulnerabilities (cve), 169 observables, 1 intrusion sets (apt), 15 techniques (mitre), 1 malware, 22 others

Description

PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a for malicious activities. Integrity Technology Group, a PRC-based company with government links, has controlled a of over 260,000 devices since mid-2021. The uses -based malware to hijack devices and . Compromised devices span North America, South America, Europe, Africa, Southeast Asia and Australia. The actors may use the to conceal identities for attacks or network compromises. Many affected devices are still vendor-supported. The infrastructure allows registered users to manage and control victim devices, including sending and exploitation commands.

External references