Botnet
NSFOCUS: Botnet Trend Report, 2025 Edition
Sou Hu Cai Jing· 2025-04-11 04:35
Group 1
- The core viewpoint of the report is that botnets are increasingly being used as tools in geopolitical conflicts, impacting critical infrastructure and influencing public opinion [16][22][25]
- Botnets are evolving into weapons for state-level cyber warfare, with significant DDoS attacks observed during major geopolitical events such as the Russia-Ukraine war and the Israel-Palestine conflict [16][22]
- The report highlights that botnets are being utilized by advanced persistent threat (APT) groups and ransomware gangs for intelligence gathering and launching subsequent attacks [17][39]

Group 2
- The report indicates that the Mirai botnet family is the most active, with a significant number of command and control (C&C) servers located in the United States [67][68]
- The infection methods for botnets include exploiting vulnerabilities in Linux/IoT platforms and using phishing emails for Windows platforms, with the U.S. having the highest number of infected devices [51][58]
- The report notes that botnets are increasingly employing advanced evasion techniques to avoid detection, such as using Domain Generation Algorithms (DGA) and DNS over HTTPS (DoH) [2][17]

Group 3
- New botnet families are emerging, showcasing unique functionalities and communication patterns, which pose increasing threats to cybersecurity [3][67]
- Active botnet groups like Hail and KekSec are frequently launching attacks, while new groups like Bigpanzi are also contributing to the evolving threat landscape [4][3]
- The report predicts that botnets will be used more efficiently by APT and ransomware groups for profit-driven activities, with enhanced stealth in their propagation methods [4][16]
Botnet Trend Report (2025 Edition)
Lv Meng Ke Ji· 2025-04-10 01:55
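About NSFOCUS

NSFOCUS Technologies Group Co., Ltd. (hereinafter "NSFOCUS") was founded in April 2000 and is headquartered in Beijing. The company has been listed on the ChiNext board of the Shenzhen Stock Exchange since January 29, 2014, under stock code 300369. NSFOCUS has more than 40 branch offices in China and provides a full line of network security products, comprehensive security solutions and systematic security operations services to customers in government, telecom operators, finance, energy, the internet sector, education, healthcare and other industries. The company has set up overseas subsidiaries in Silicon Valley (USA), Tokyo (Japan), London (UK) and Singapore, expanding its global business and building a Chinese brand in the global network security industry.

About Fuying Lab

The lab focuses on research into security threat monitoring and countermeasure technologies, covering APT advanced threats, botnets, DDoS countermeasures, exploitation of vulnerabilities in popular services, threats from the black and gray market industry chain, digital assets and other emerging areas. Its research goal is to understand existing network threats, identify and track new threats, accurately attribute and counter threats, reduce the impact of risk, and provide strong decision support for threat countermeasures. Using a research model that combines exploration of frontier technology with real-world operations, it has assisted national agencies in solving several APT attack cases, was the first in the world to discover 8 new APT attack groups, handled more than 40 APT attack incidents targeting China, and made outstanding contributions to the security of major national network events.

Copyright notice

Any text, document formatting, illustrations, photographs, ...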