Security researchers have successfully null-routed traffic destined for over 550 command-and-control nodes associated with Kimwolf malware since early October 2025. The threat campaign has proven devastating in scale—more than 2 million Android devices have fallen victim to compromise, with attackers primarily exploiting unsecured ADB (Android Debug Bridge) interfaces on unauthorized TV boxes. Once infected, these compromised devices were systematically repurposed and resold into residential proxy networks. This represents a significant supply-chain threat within the broader Web3 infrastructure landscape, as compromised proxies can be weaponized for illicit activities including botnet operations, credential harvesting, and market manipulation. Industry participants should conduct thorough security audits of their network infrastructure and consider implementing stricter device authentication protocols.
