Cyber Agencies Warn Organisations to Guard Against China-Linked Covert Networks
The advisory says China-nexus actors are using vast botnets of hacked routers and other devices to hide attacks and defeat static IP-blocking defenses.
- On Thursday, the United States and allies issued a joint advisory warning that China-nexus hackers are increasingly using large-scale botnets of compromised SOHO routers and IoT devices to hide malicious activity.
- These networks are mainly made up of compromised SOHO routers and Internet of Things devices; new nodes are constantly added as old equipment is patched or removed, making them difficult for defenders to track.
- China-linked actors previously used the KV-Botnet for attacks on U.S. critical infrastructure, as well as the Raptor Train botnet, which infected more than 260,000 devices worldwide in 2024. The FBI disrupted both operations by removing malware from infected routers.
- "Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices," said Paul Chichester, NCSC-UK's Director of Operations. Traditional IP blocking defenses are becoming less effective.
- Network defenders should implement multifactor authentication, map edge devices, and apply zero-trust principles to limit external connections. Organizations are advised to use IP allowlisting and dynamic threat feeds to detect covert network indicators.
18 Articles
'China-nexus cyber actors' are turning routers and IoT infrastructure into covert botnets 'at scale' – NCSC, Five Eyes, and others warn of campaign involving Typhoon-designated groups
The botnets are used to hide locations and launch Distributed Denial of Service attacks.
US, Partners Issue Warning on China’s Covert Attacks Using Routers, Smart Devices
The United States and global partners issued an advisory on Thursday, warning about the threat posed by China-backed hackers using online networks of compromised devices to attack governments and organizations. “These networks are mainly made up of compromised Small Office Home Office (SOHO) routers, as well as … smart devices,” reads the April 23 joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA). The CISA a…
Security agencies say Chinese hackers using hijacked networks for large-scale cyberattacks
Chinese hacking groups linked to large-scale cyberattacks and intrusions of critical infrastructure are using covert computer networks for their operations, according to a British government security report made public Thursday.
A dozen allied agencies say China is building covert hacker networks out of everyday routers
U.S. and international government agencies warned Thursday about a “widespread shift” in Chinese hacker methods toward the use of large-scale covert networks that compromise common devices to carry out a variety of attacks. The advisory details how those networks work, and defensive steps organizations should take. “Over the past few years there has been a major shift in the tactics, techniques and procedures (TTPs) used by China-nexus cyber act…
Cyber agencies warn organisations to guard against China-linked covert networks
LONDON, April 23 (Reuters) – International cyber agencies on Thursday urged organisations to better defend against covert networks used by China-linked hackers to conceal malicious cyber activity, according to Britain’s National Cyber Security Centre. The NCSC published the new guidance alongside industry and 15 international partners from across eight other countries: the United States, Australia, Canada, Germany, Japan, the Net…
Coverage Details
Bias Distribution
- 67% of the sources are Center