JDY Botnet Resurges After KV Takedown, Targets U.S. Military Networks
APTBreaking_NewsInternet_of_ThingsMalwareSecurityChinaHackinghacking_newsinformation_security_newsIoTIT_Information_SecurityJDY_botnetmalwarePierluigi_PaganiniSecurity_AffairsSecurity_NewsVolt_Typhoon
The JDY botnet, linked to Chinese state-sponsored hacking groups including Volt Typhoon, has resurged following the takedown of the KV botnet and is actively scanning SOHO and IoT devices globally. Lumen’s Black Lotus Labs reported the botnet’s evolution, noting its focus on mapping services and targeting U.S. military networks. The network was initially identified in late 2023 as a component of the KV botnet. No specific CVEs, technical attack vectors, or exact impact metrics were disclosed in the report. The campaign underscores persistent reconnaissance efforts against critical infrastructure.