Kimwolf Botnet Lurking in Corporate, Govt. Networks
5 days ago
- #Botnet
- #IoT
- #Cybersecurity
- Kimwolf, a new IoT botnet, has infected over 2 million devices, forcing them into DDoS attacks and relaying malicious traffic.
- The botnet spreads by exploiting residential proxy services, particularly targeting IPIDEA, a Chinese proxy service.
- Kimwolf mainly infects unofficial Android TV streaming boxes, which often come with pre-installed proxy software and lack security.
- Despite its focus on residential proxies, Kimwolf has been found in corporate and government networks, including the U.S. Department of Defense.
- Security firms like Infoblox and Synthient have reported significant infections in various sectors, including education, healthcare, and finance.
- Proxy services like IPIDEA have taken steps to block Kimwolf, but millions of devices remain infected.
- Experts warn that a single proxy infection can lead to larger network compromises, highlighting the need for better security measures.