Security News > 2024 > February > FBI disrupts Chinese botnet used for targeting US critical infrastructure

The FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations.
A botnet for probing critical infrastructure organizations.
The threat actors used the KV botnet malware to hijack hundreds of US-based, privately-owned small office/home office routers and to hide their hacking activity towards "US and other foreign victims".
"The court-authorized operation deleted the KV botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the US Department of Justice said in a press release published on Wednesday.
"The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the DOJ explained.
The FBI has contacted some of the owners or operators of the SOHO routers that were infected with the KV Botnet malware to let them know about the actions taken.
News URL
https://www.helpnetsecurity.com/2024/02/01/botnet-critical-infrastructure/
Related news
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- CISA: Medusa ransomware hit over 300 critical infrastructure orgs (source)
- Chinese military-linked companies dominate US digital supply chain (source)
- UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools (source)