-
Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators, and cybercrime services that appear to have benefitted from Kimwolf’s spread.
·
3XK Tech GmbH, A Little Sunshine, Aisuru, AT&T, Benjamin Brundage, Breadcrumbs, ByteConnect, Cassidy Hales, DDoS-for-Hire, Dort, Ethereum Name Service, Flashpoint, Forky, Friedrich Kraft, GreyNoise Intelligence, Internet of Things (IoT), Julia Levi, Kimwolf, Linus, Maskify, Ne’er-Do-Well News, Plainproxies, Resi Rack LLC, Shox, Snow, Synthient, XLab¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Synthient discovers over 2 million Android TV boxes and smart TVs hijacked by the Kimwolf botnet. Learn how hackers are using home devices to launch DDoS attacks and how you can protect your home network.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date.
·
911s5, 922 Proxy, A Little Sunshine, Aisuru, AISURU Botnet, Akamai Technologies, Android Debug Bridge, BadBox 2.0, Ben Brundage, Chad Seaman, DDoS-for-Hire, HUMAN Security, IPidea, Kimwolf, Kimwolf botnet, krebsfiveheadindustries, Latest Warnings, Lindsay Kaye, Oxylabs, Quokka, residential proxy, Riley Kilmer, Spur, Synthient, Uhale app, Web Fraud 2.0, XLab¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge “thank you” to all of our readers — newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled complex and globally-dispersed cybercrime services.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
