-
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea…
·
18681627767, 189308024@qq.com, 34557257@qq.com, BadBox 2.0, Beijing Astrolink Wireless Digital Technology Co. Ltd, Beijing Hengchuang Vision Mobile Media Technology Co. Ltd., Beijing Hong Dake Wang Science & Technology Co Ltd., Breadcrumbs, cathead@gmail.com, Chen Daihai, Constella Intelligence, daihaic@gmail.com, Dort, Federal Bureau of Investigation, Guilin Huang, HUMAN Security, Internet of Things (IoT), Moxin Beijing Science and Technology Co. Ltd., osint.industries, Snow, SpyCloud, Web Fraud 2.0, xavierzhu@gmail.com, xavierzhu@qq.com, Zhu Zhiyu, 桂林 黄, 陈代海¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators, and cybercrime services that appear to have benefitted from Kimwolf’s spread.
·
3XK Tech GmbH, A Little Sunshine, Aisuru, AT&T, Benjamin Brundage, Breadcrumbs, ByteConnect, Cassidy Hales, DDoS-for-Hire, Dort, Ethereum Name Service, Flashpoint, Forky, Friedrich Kraft, GreyNoise Intelligence, Internet of Things (IoT), Julia Levi, Kimwolf, Linus, Maskify, Ne’er-Do-Well News, Plainproxies, Resi Rack LLC, Shox, Snow, Synthient, XLab¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
