Security News > 2024 > February > FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations.
A botnet for probing critical infrastructure organizations.
The threat actors used the KV botnet malware to hijack hundreds of US-based, privately-owned small office/home office routers and to hide their hacking activity towards "US and other foreign victims".
"The court-authorized operation deleted the KV botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the US Department of Justice said in a press release published on Wednesday.
"The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the DOJ explained.
The FBI has contacted some of the owners or operators of the SOHO routers that were infected with the KV Botnet malware to let them know about the actions taken.
News URL
https://www.helpnetsecurity.com/2024/02/01/botnet-critical-infrastructure/
Related news
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- CISA: Medusa ransomware hit over 300 critical infrastructure orgs (source)
- Chinese military-linked companies dominate US digital supply chain (source)
- UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools (source)
- China reportedly admitted directing cyberattacks on US infrastructure (source)
- Chinese snoops use stealth RAT to backdoor US orgs – still active last week (source)
- FBI: US lost record $16.6 billion to cybercrime in 2024 (source)
- SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients (source)