Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

Thursday, April 16, 2026 at 05:52 PM UTC·Source: The Hacker News

Updated: Thursday, April 16, 2026 at 06:49 PM UTC

Executive Summary

Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos

Analysis

Source Attribution

Originally published by The Hacker News on Apr 16, 2026.

Related Threats

LOWMalware

U.S. authorities conduct cyber operations as part of global crackdown on DDoS-for-hire services

ANCHORAGE, Alaska – The U.S. Justice Department today announced court-authorized actions taken to disrupt some of the world’s leading Distributed Denial of Service (DDoS) Internet of Things (IoT) botnet services. U.S. authorities continue to focus resources on charging DDoS botnet administrators and seizing infrastructure, like websites, that allow paying users to launch powerful DDoS attacks....

Apr 17, 2026DataBreaches.net

MEDIUMMalware

ZionSiphon Malware Targets ICS in Water Facilities

The malware is configured to operate on systems associated with Israeli water treatment and desalination plants. The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek .

Apr 17, 2026SecurityWeek

MEDIUMMalware

ZionSiphon malware designed to sabotage water treatment systems

A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations. [...]

Apr 16, 2026BleepingComputer