Bleepingcomputer
ShadowV2 Botnet Exploits AWS Outage to Target IoT Devices Globally
First seen 26 Nov 2025, 23:33 UTC
•

•88% similarity
•47.4
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
During the major AWS outage in October 2025, a Mirai-based botnet named ShadowV2 was identified infecting IoT devices across 28 countries. The botnet exploited known vulnerabilities in devices from manufacturers like D-Link and TP-Link, forming a network of compromised devices for potential future attacks, including DDoS. Researchers from Fortinet's FortiGuard Labs noted that the botnet's activity coincided with the outage, suggesting it was a test run.
ThreatCluster AI