Key Findings The Kimwolf Android botnet has infected over 2 million devices, primarily through the exploitation of residential proxy networks. The botnet primarily targets low-cost, unofficial Android TV boxes that are left insecure or intentionally configured as proxy nodes. Kimwolf is believed to be an Android variant of the AISURU botnet, with connections to a series of record-setting DDoS attacks. The botnet uses a scanning infrastructure that leverages residential proxie
