ESET cybersecurity researchers determined that Mozi operators shut down their own botnet in August. According to Chinese cybersecurity firm Qihoo 360, the Mozi botnet launched in 2019 and expanded to over 1.5 million infected nodes in 2021, primarily infecting systems in China and India.

Qihoo 360 helped Chinese authorities arrest Mozi’s developers in 2021, but the botnet’s architecture allowed it to survive and spread. The botnet spread with thousands of new infections every day until August 2023. ESET researchers observed a sharp decline in Indian daily infections on August 8 and Chinese daily infections on August 16. In September, the same team discovered a kill switch that instructed the botnet to halt malicious activities on infected systems via HTTP. ESET assessed that Chinese law enforcement likely forced Mozi developers to shut down the botnet. Although Mozi malware remains installed on thousands of systems, it is no longer operational.

Read More:

https://www.securityweek.com/mozi-botnet-likely-killed-by-its-creators/