China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

The JDY botnet, linked to Chinese state-sponsored hackers, now controls over 1,500 compromised SOHO routers, firewalls, and IoT devices. It operates as a centrally controlled scanner for reconnaissance and service fingerprinting, targeting vulnerable infrastructure after public disclosures. Most infected nodes are in the U.S. and Brazil.