China-linked JDY botnet accelerates enterprise risk
🔍 Lumen’s Black Lotus Labs reports a China-linked botnet called JDY has grown to over 1,500 compromised SOHO and IoT devices used to rapidly discover and fingerprint internet-facing systems after public vulnerability disclosures. The activity, tied to nation-state actors including Volt Typhoon, enables persistent, distributed reconnaissance that can evade geofencing and IP-reputation controls. Researchers warn this marks a shift toward industrialized pre-exploitation scanning and undermines traditional perimeter patch and monitoring assumptions.
