Sign up to save your podcasts
Or
Share U.S. Disrupts China-Linked Botnet: What's Going On? - Ep 116
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
U.S. Disrupts China-Linked Botnet: What's Going On? - Ep 116
In this episode, Rob Aragao talks about a recent joint cybersecurity advisory highlighting People's Republic of China-linked actors compromising routers and IoT devices for botnet operations. The advisory points to over 260,000 IoT devices, impacted by a botnet called Raptor Train.
It’s being alleged that Integrity Technology Group (Integrity Tech) are behind the incident. The report says
“[Integrity Technology Group is a] company based in the PRC with links to the PRC government. Integrity Tech has used China Unicom Beijing Province Network IP addresses to control and manage the botnet described in this advisory. In addition to managing the botnet, these same China Unicom Beijing Province Network IP addresses were used to access other operational infrastructure employed in computer intrusion activities against U.S. victims. FBI has engaged with multiple U.S. victims of these computer intrusions and found activity consistent with the tactics, techniques, and infrastructure associated with the cyber threat group known publicly as Flax Typhoon, RedJuliett, and Ethereal Panda.”
Detected by Lumen’s Black Lotus Labs, the advisory was issued by the FBI, NSA, and Cyber National Mission Force.
Rob explains that the botnet leverages code from the notorious Mirai malware, designed to exploit IoT devices running Linux-based systems, which has been in circulation for nearly a decade. He breaks down the architecture of the botnet, including its three-tier structure, and the role of compromised IoT devices, command-and-control servers, and management layers.
Additionally, the discussion explores China's growing focus on cybersecurity talent recruitment, including the Matrix Cup, a hacking competition co-sponsored by Integrity Technology Group. The episode also offers recommendations for mitigating IoT device vulnerabilities, such as strong password management, patch updates, and network segmentation.
Don't forget to rate, review, and subscribe to stay updated on future episodes!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]
As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70
Chief Information Security Officer CISO Podcasts rankings.
View all episodes
By Reimagining Cyber
5
1919 ratings
In this episode, Rob Aragao talks about a recent joint cybersecurity advisory highlighting People's Republic of China-linked actors compromising routers and IoT devices for botnet operations. The advisory points to over 260,000 IoT devices, impacted by a botnet called Raptor Train.
It’s being alleged that Integrity Technology Group (Integrity Tech) are behind the incident. The report says
“[Integrity Technology Group is a] company based in the PRC with links to the PRC government. Integrity Tech has used China Unicom Beijing Province Network IP addresses to control and manage the botnet described in this advisory. In addition to managing the botnet, these same China Unicom Beijing Province Network IP addresses were used to access other operational infrastructure employed in computer intrusion activities against U.S. victims. FBI has engaged with multiple U.S. victims of these computer intrusions and found activity consistent with the tactics, techniques, and infrastructure associated with the cyber threat group known publicly as Flax Typhoon, RedJuliett, and Ethereal Panda.”
Detected by Lumen’s Black Lotus Labs, the advisory was issued by the FBI, NSA, and Cyber National Mission Force.
Rob explains that the botnet leverages code from the notorious Mirai malware, designed to exploit IoT devices running Linux-based systems, which has been in circulation for nearly a decade. He breaks down the architecture of the botnet, including its three-tier structure, and the role of compromised IoT devices, command-and-control servers, and management layers.
Additionally, the discussion explores China's growing focus on cybersecurity talent recruitment, including the Matrix Cup, a hacking competition co-sponsored by Integrity Technology Group. The episode also offers recommendations for mitigating IoT device vulnerabilities, such as strong password management, patch updates, and network segmentation.
Don't forget to rate, review, and subscribe to stay updated on future episodes!
Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]
As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70
Chief Information Security Officer CISO Podcasts rankings.
More shows like Reimagining Cyber - real world perspectives on cybersecurity
View all
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
627 Listeners
CyberWire Daily
1,006 Listeners
Modern War Institute
767 Listeners
Smashing Security
310 Listeners
Click Here
406 Listeners
Malicious Life
927 Listeners
Darknet Diaries
7,873 Listeners
Cybersecurity Today
167 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
127 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners