{"id":781,"date":"2026-01-23T03:22:32","date_gmt":"2026-01-23T03:22:32","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/"},"modified":"2026-01-23T03:22:32","modified_gmt":"2026-01-23T03:22:32","slug":"kimwolf-botnet-lurking-in-corporate-govt-networks","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/","title":{"rendered":"Kimwolf Botnet Lurking in Corporate, Govt. Networks"},"content":{"rendered":"<div>\n<p>A new Internet-of-Things (IoT) botnet called <strong>Kimwolf<\/strong> has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf\u2019s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks.<\/p>\n<div id=\"attachment_73083\" style=\"width: 625px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" aria-describedby=\"caption-attachment-73083\" decoding=\"async\" class=\"size-full wp-image-73083\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png\" alt=\"\" width=\"615\" height=\"615\"><\/p>\n<p id=\"caption-attachment-73083\" class=\"wp-caption-text\">Image: Shutterstock, @Elzicon.<\/p>\n<\/div>\n<p>Kimwolf grew rapidly in the waning months of 2025 by tricking various \u201cresidential proxy\u201d services into relaying malicious commands to devices on the local networks of those proxy endpoints. Residential proxies are sold as a way to anonymize and localize one\u2019s Web traffic to a specific region, and the biggest of these services allow customers to route their Internet activity through devices in virtually any country or city around the globe.<\/p>\n<p>The malware that turns one\u2019s Internet connection into a proxy node is often quietly bundled with various mobile apps and games, and it typically forces the infected device to relay malicious and abusive traffic \u2014 including ad fraud, account takeover attempts, and mass content-scraping.<\/p>\n<p>Kimwolf mainly targeted proxies from <strong>IPIDEA<\/strong>, a Chinese service that has millions of proxy endpoints for rent on any given week. The Kimwolf operators discovered they could <a href=\"https:\/\/krebsonsecurity.com\/2026\/01\/the-kimwolf-botnet-is-stalking-your-local-network\/\" target=\"_blank\" rel=\"noopener\">forward malicious commands<\/a> to the internal networks of IPIDEA proxy endpoints, and then programmatically scan for and infect other vulnerable devices on each endpoint\u2019s local network.<\/p>\n<p>Most of the systems compromised through Kimwolf\u2019s local network scanning have been unofficial Android TV streaming boxes. These are typically Android Open Source Project devices \u2014 not Android TV OS devices or Play Protect certified Android devices \u2014 and they are generally marketed as a way to watch unlimited (read:pirated) video content from popular subscription streaming services for a one-time fee.<\/p>\n<p>However, a great many of these TV boxes ship to consumers with residential proxy software pre-installed. What\u2019s more, they have no real security or authentication built-in: If you can communicate directly with the TV box, you can also easily compromise it with malware.<\/p>\n<p>While IPIDEA and other affected proxy providers recently have taken steps to block threats like Kimwolf from going upstream into their endpoints (reportedly with varying degrees of success), the Kimwolf malware remains on millions of infected devices.<\/p>\n<div id=\"attachment_73086\" style=\"width: 757px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-73086\" decoding=\"async\" loading=\"lazy\" class=\" wp-image-73086\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ipidea2023.png\" alt=\"\" width=\"747\" height=\"377\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ipidea2023.png 1219w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ipidea2023-768x387.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ipidea2023-782x395.png 782w\" sizes=\"auto, (max-width: 747px) 100vw, 747px\"><\/p>\n<p id=\"caption-attachment-73086\" class=\"wp-caption-text\">A screenshot of IPIDEA\u2019s proxy service.<\/p>\n<\/div>\n<p>Kimwolf\u2019s close association with residential proxy networks and compromised Android TV boxes might suggest we\u2019d find relatively few infections on corporate networks. However, the security firm <strong>Infoblox<\/strong> said a recent review of its customer traffic found <em>nearly 25 percent of them made a query to a Kimwolf-related domain name since October 1, 2025<\/em>, when the botnet first showed signs of life.<\/p>\n<p>Infoblox found the affected customers are based all over the world and in a wide range of industry verticals, from education and healthcare to government and finance.<\/p>\n<p>\u201cTo be clear, this suggests that nearly 25% of customers had at least one device that was an endpoint in a residential proxy service targeted by Kimwolf operators,\u201d Infoblox <a href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/kimwolf-howls-from-inside-the-enterprise\/\" target=\"_blank\" rel=\"noopener\">explained<\/a>. \u201cSuch a device, maybe a phone or a laptop, was essentially co-opted by the threat actor to probe the local network for vulnerable devices. A query means a scan was made, not that new devices were compromised. Lateral movement would fail if there were no vulnerable devices to be found or if the DNS resolution was blocked.\u201d<span id=\"more-73065\"><\/span><\/p>\n<p><strong>Synthient<\/strong>, a startup that tracks proxy services and was <a href=\"https:\/\/krebsonsecurity.com\/2026\/01\/the-kimwolf-botnet-is-stalking-your-local-network\/\" target=\"_blank\" rel=\"noopener\">the first to disclose on January 2<\/a> the unique methods Kimwolf uses to spread, found proxy endpoints from IPIDEA were present in alarming numbers at government and academic institutions worldwide. Synthient said it spied at least 33,000 affected Internet addresses at universities and colleges, and nearly 8,000 IPIDEA proxies within various U.S. and foreign government networks.<\/p>\n<div id=\"attachment_73093\" style=\"width: 759px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-73093\" decoding=\"async\" loading=\"lazy\" class=\" wp-image-73093\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/top50targetedomains.jpeg\" alt=\"\" width=\"749\" height=\"461\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/top50targetedomains.jpeg 1808w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/top50targetedomains-768x472.jpeg 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/top50targetedomains-1536x945.jpeg 1536w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/top50targetedomains-782x481.jpeg 782w\" sizes=\"auto, (max-width: 749px) 100vw, 749px\"><\/p>\n<p id=\"caption-attachment-73093\" class=\"wp-caption-text\">The top 50 domain names sought out by users of IPIDEA\u2019s residential proxy service, according to Synthient.<\/p>\n<\/div>\n<p>In a webinar on January 16, experts at the proxy tracking service <strong>Spur<\/strong> profiled Internet addresses associated with IPIDEA and 10 other proxy services that were thought to be vulnerable to Kimwolf\u2019s tricks. Spur found residential proxies in nearly 300 government owned and operated networks, 318 utility companies, 166 healthcare companies or hospitals, and 141 companies in banking and finance.<\/p>\n<p>\u201cI looked at the 298 [government] owned and operated [networks], and so many of them were DoD [U.S. Department of Defense], which is kind of terrifying that DoD has IPIDEA and these other proxy services located inside of it,\u201d Spur Co-Founder <strong>Riley Kilmer<\/strong> said. \u201cI don\u2019t know how these enterprises have these networks set up. It could be that [infected devices] are segregated on the network, that even if you had local access it doesn\u2019t really mean much. However, it\u2019s something to be aware of. If a device goes in, anything that device has access to the proxy would have access to.\u201d<\/p>\n<p>Kilmer said Kimwolf demonstrates how a single residential proxy infection can quickly lead to bigger problems for organizations that are harboring unsecured devices behind their firewalls, noting that proxy services present a potentially simple way for attackers to probe other devices on the local network of a targeted organization.<\/p>\n<p>\u201cIf you know you have [proxy] infections that are located in a company, you can chose that [network] to come out of and then locally pivot,\u201d Kilmer said. \u201cIf you have an idea of where to start or look, now you have a foothold in a company or an enterprise based on just that.\u201d<\/p>\n<p>This is the third story in our series on the Kimwolf botnet. Next week, we\u2019ll shed light on the myriad China-based individuals and companies connected to the <a href=\"https:\/\/www.humansecurity.com\/learn\/blog\/satori-threat-intelligence-disruption-badbox-2-0\/\" target=\"_blank\" rel=\"noopener\"><strong>Badbox 2.0 botnet<\/strong><\/a>, the collective name given to <a href=\"https:\/\/github.com\/synthient\/public-research\/blob\/main\/2026\/01\/kimwolf\/product_devices.csv\" target=\"_blank\" rel=\"noopener\">a vast number of Android TV streaming box models<\/a> that ship with no discernible security or authentication built-in, and with residential proxy malware pre-installed.<\/p>\n<p>Further reading:<\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/01\/the-kimwolf-botnet-is-stalking-your-local-network\/\" target=\"_blank\" rel=\"noopener\">The Kimwolf Botnet is Stalking Your Local Network<\/a><\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/01\/who-benefited-from-the-aisuru-and-kimwolf-botnets\/\" target=\"_blank\" rel=\"noopener\">Who Benefitted from the Aisuru and Kimwolf Botnets?<\/a><\/p>\n<p><a href=\"https:\/\/synthient.com\/blog\/a-broken-system-fueling-botnets\" target=\"_blank\" rel=\"noopener\">A Broken System Fueling Botnets<\/a> (Synthient).<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf\u2019s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[354,90,348,205,409,358,359,143,366,367,368,176,145],"tags":[91],"class_list":["post-781","post","type-post","status-publish","format-standard","hentry","category-badbox-2-0","category-cybersecurity","category-ddos-for-hire","category-infoblox","category-internet-of-things-iot","category-ipidea","category-kimwolf","category-latest-warnings","category-riley-kilmer","category-spur","category-synthient","category-the-coming-storm","category-web-fraud-2-0","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf\u2019s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-23T03:22:32+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Kimwolf Botnet Lurking in Corporate, Govt. Networks\",\"datePublished\":\"2026-01-23T03:22:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\"},\"wordCount\":998,\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"BadBox 2.0\",\"Cybersecurity\",\"DDoS-for-Hire\",\"Infoblox\",\"Internet of Things (IoT)\",\"IPidea\",\"Kimwolf\",\"Latest Warnings\",\"Riley Kilmer\",\"Spur\",\"Synthient\",\"The Coming Storm\",\"Web Fraud 2.0\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\",\"name\":\"Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png\",\"datePublished\":\"2026-01-23T03:22:32+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage\",\"url\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png\",\"contentUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kimwolf Botnet Lurking in Corporate, Govt. Networks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/","og_locale":"en_US","og_type":"article","og_title":"Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited","og_description":"A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf\u2019s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-01-23T03:22:32+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Kimwolf Botnet Lurking in Corporate, Govt. Networks","datePublished":"2026-01-23T03:22:32+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/"},"wordCount":998,"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage"},"thumbnailUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png","keywords":["Cybersecurity"],"articleSection":["BadBox 2.0","Cybersecurity","DDoS-for-Hire","Infoblox","Internet of Things (IoT)","IPidea","Kimwolf","Latest Warnings","Riley Kilmer","Spur","Synthient","The Coming Storm","Web Fraud 2.0"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/","name":"Kimwolf Botnet Lurking in Corporate, Govt. Networks - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage"},"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage"},"thumbnailUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png","datePublished":"2026-01-23T03:22:32+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#primaryimage","url":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png","contentUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/01\/ss-botnet.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/kimwolf-botnet-lurking-in-corporate-govt-networks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Kimwolf Botnet Lurking in Corporate, Govt. Networks"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=781"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/781\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}