More details have emerged about a botnet calledAVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as part of a multi-year campaign active since at least May 2021. AVRecon wasfirst disclosedby Lumen Black Lotus Labs earlier this month as malware capable of executing additional commands and stealing victim’s bandwidth for what appears to be an