The Prometei botnet has been an ongoing threat since Cisco Talos first reported on it in 2020. As of November 2022, the botnet has improved its infrastructure components and capabilities, including certain submodules of the execution chain that automate processes and challenge forensic analysis methods. Based on data obtained by sinkholing the DGA domains over a one-week period in February 2023, the Prometei v3 botnet is estimated to be of medium size, with more than 10,000 infected systems worldwide. The actors have been actively spreading improved Linux versions of the bot and continue to update the current version.
The US Pentagon announced on Friday that it had detected a Chinese spy balloon flying over the central United States. The US rejected China's claim that the balloon was a weather research airship and described it as a surveillance vehicle. Brig. Gen. Pat Ryder, the Pentagon press secretary, stated that the balloon was at an altitude of 60,000 feet, was maneuverable and posed no threat at the moment. US Secretary of State Antony Blinken postponed a planned trip to China in response to the discovery of the balloon. The balloon was spotted over Montana, which is home to one of America's nuclear missile silo fields. The US prepared fighter jets, including F-22s, to shoot down the balloon, but ultimately decided against it due to the potential risks to people on the ground. China expressed regret for the balloon's entry into US airspace and said it was a civilian airship used mainly for meteorological research.