A joint security advisory from 16 government agencies across 10 countries warns that Chinese state-linked threat actors systematically use compromised IoT devices and routers as proxy networks (botnets) to launch attacks and steal data. The advisory highlights the Raptor Train botnet—controlled by China's Integrity Technology Group—which infected over 200,000 devices including SOHO routers, cameras, and firewalls. Multiple Chinese-linked threat groups, including Flax Typhoon, rely on these covert networks for infrastructure.
Infrastructure
Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn
Chinese state-linked threat actors (including Integrity Technology Group via Raptor Train) have compromised 200,000+ SOHO routers and IoT devices to build persistent proxy networks for coordinated attacks across multiple countries.
Thursday, April 23, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
infrastructure
/// RELATED
StrategyApr 28
‘AI deflation’ comes to India’s tech services giants and puts downward pressure on revenue
India's IT services giants confront 'AI deflation' as automation erodes high-margin services; HCL warns of 3–5% revenue decline despite industry pivot to AI productization.
SafetyApr 22
UK government says 100 countries have spyware that can hack people’s phones
Commercial spyware proliferation has doubled to 100 countries since 2023, with targets shifting from politicians to bankers and critical infrastructure as acquisition barriers collapse.