After the Mozi botnet mysteriously disappeared last year, a new and seemingly more powerful botnet, Androxgh0st, rose from its ashes and has quickly become a major threat to critical infrastructure.
As of December, at least one security shop suspects the new hybrid botnet is being weaponized by the Chinese government.
“Based on the available information, we can ascertain with low confidence that the Androxgh0st botnet is being operated by Chinese threat actors that are driven by similar interests as that of the Chinese state,” CloudSEK researcher Koushik Pal told The Register.
Check Point, meanwhile, rated Androxgh0st as the most prevalent malware globally, and said it affected 5 percent of…