Security News > 2024 > February > FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations.
A botnet for probing critical infrastructure organizations.
The threat actors used the KV botnet malware to hijack hundreds of US-based, privately-owned small office/home office routers and to hide their hacking activity towards "US and other foreign victims".
"The court-authorized operation deleted the KV botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the US Department of Justice said in a press release published on Wednesday.
"The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet," the DOJ explained.
The FBI has contacted some of the owners or operators of the SOHO routers that were infected with the KV Botnet malware to let them know about the actions taken.
News URL
https://www.helpnetsecurity.com/2024/02/01/botnet-critical-infrastructure/
Related news
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- US critical infrastructure cyberattack reporting rules inch closer to reality (source)
- Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)
- Web-based PLC malware: A new potential threat to critical infrastructure (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks (source)