Here is the report, Defending against China-nexus covert networks of compromised devices (pdf).

A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and disrupt victim organizations’ operations, according to a joint 10-country advisory.

"Anyone who is a target of China-nexus cyber actors may be impacted by the use of covert networks," the security advisory warned. It was jointly released by the UK National Cyber Security Centre (NCSC) and 15 other government agencies from the United States, Australia, Canada, Germany, Japan, the Netherlands, New Zealand, Spain, and Sweden.

"The use of covert networks of compromised devices - also known as botnets - to facilitate malicious cyber activity is not new, but China-nexus cyber actors are now using them strategically, and at scale," according to the alert.

Some of these covert networks are created and maintained by Chinese information security companies, the advisory says. For example, China's Integrity Technology Group controlled and managed the so-called Raptor Train network, which in 2024 infected more than 200,000 devices worldwide, including small office home office (SOHO) routers, internet-connected web cameras and video recorders, plus firewalls and network-attached storage (NAS) devices.

...

Web Archive link

JustEnoughDucks@feddit.nl 3 points 1 day ago

I would guess a ton of this is exploiting vulnerable cloud-connected IoT devices that manufacturers don't actually support with updates, and if they did, users wouldn't install them.

The embedded MCU firmware scene has only recently started taking security seriously at a larger scale. It was always an afterthought before, I hear.

this post was submitted on 24 Apr 2026