Wednesday, December 04, 2024




New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide


Cyber Security

Raptor Train, IoT, Flax Typhoon, cybersecurity, command-and-control

Chinese state-sponsored botnet targets SOHO and IoT devices, with U.S. as a major victim.

The "Raptor Train" botnet, an advanced network made up of over 200,000 hijacked IoT and small office/home office (SOHO) devices, has been made public by cybersecurity researchers. The botnet, which has been active since at least May 2020 and peaked at 60,000 active devices in mid-2023, is attributed to the Chinese nation-state threat actor Flax Typhoon.

The Raptor Train infrastructure is organized into three distinct tiers: compromised devices make up the first tier, command-and-control servers the second, and centralized administration nodes the third. Devices from several manufacturers, mostly in the United States, Taiwan, and Vietnam, are targeted, including routers, IP cameras, and network-attached storage (NAS) devices.

Despite the botnet's wide reach, no distributed denial-of-service (DDoS) attacks originating from it have been detected so far. The botnet has, however, been connected to attempts to exploit essential systems, especially in the IT and military industries. The botnet was taken down as a result of a recent U.S. Department of Justice operation, underscoring persistent worries about state-sponsored cyberthreats.

IoT devices, in particular, are still at risk of advanced cyberattacks, and this incident highlights the need for increased cybersecurity precautions.

