The Kimwolf botnet has infected over 2 million Android devices through residential proxy networks, mainly targeting cheap Android TV boxes. It has the potential to launch massive DDoS attacks and monetize infected devices by selling proxy bandwidth. #Kimwolf #AndroidTV #DDoS #ProxyNetworks
Keypoints
- The Kimwolf botnet primarily infects Android TV set-top boxes on residential networks.
- It exploits exposed Android Debug Bridge (ADB) services to infect devices.
- The botnet can generate DDoS attacks up to 30Tbps and sell proxy bandwidth cheaply.
- Many infected devices are pre-infected or sold with malware, often linked to Chinese proxy networks like IPIDEA.
- Recent patches by IPIDEA have helped mitigate some vulnerabilities, but the threat remains significant.
Read More: https://www.securityweek.com/kimwolf-android-botnet-grows-through-residential-proxy-networks/