PowMix Botnet Targets Czech Republic Workers with Evasion Tactics

Cybersecurity researchers at Cisco Talos identified a previously undocumented botnet named PowMix actively targeting workers in the Czech Republic since at least December 2025. The botnet employs randomized command-and-control (C2) beaconing intervals instead of persistent C2 server connections to evade network signature-based detection. No specific malware delivery methods, impacted sectors, or CVE identifiers were disclosed in the report. The campaign remains ongoing, with no additional technical details about payloads or attack vectors provided. The primary evasion tactic involves irregular C2 traffic patterns to bypass security monitoring.