JDY: 1,500+ SOHO/IoT Botnet Intensifies Reconnaissance

Colleagues, a cybersecurity alert: Lumen Black Lotus Labs reports JDY — a network linked to Chinese state actors — has compromised over 1,500 SOHO/IoT devices.
- Lumen: JDY conducts centralized reconnaissance — scanning, fingerprinting, metadata harvesting.
- The botnet expanded from ~650 to 1,500+ nodes across the US, Brazil, Europe and Asia; it leverages Tor and diverse devices (routers, cameras).
- Following public disclosure of vulnerabilities (CVE‑2026‑35616), operators are running targeted scans to accelerate target identification.
Why it matters: industrialized reconnaissance accelerates exploit development and complicates mitigation.
How do you assess the risk to edge infrastructure?
#cybersecurity #IoT #botnet #threatintel

