Alex Turing
Bio: Alex Turing is a seasoned researcher at QI-ANXIN Xlab, specializing in kernel development and threat intelligence. His primary focus is on Linux-based threats, particularly DDoS botnets. Alex has contributed to significant discoveries, including the notorious Mozi botnet. Currently, he is analyzing APT attacks, with a particular emphasis on those targeting the Asian region, especially China.
Abstract
With the rapid proliferation of internet-connected devices, cybercrime groups have expanded their reach to increasingly diverse targets. While IoT-based botnets are common, large-scale infections involving set-top boxes (STBs) and TVs remain rare, especially at the scale of millions of devices. Enter Bigpanzi, a notable exception in this landscape. This group operates multiple million-scale botnets, including Pandoraspear and Pandorapcdn, and is closely linked to the recently uncovered v01d botnet, which has infected nearly 1.6 million devices across 220 countries worldwide. Their operations encompass traffic proxy services, DDoS attacks, and OTT content delivery, showcasing their persistence and profitability.
Bigpanzi stands apart for three key reasons:
1. Long-term activity: Evidence traces its operations back to 2015.
2. Massive scale: Sinkhole analysis reveals over one million daily active nodes.
3. Unique targets: Focused infections on Android-based TVs, eCos-based STBs and satellite receivers.
