{"id":60840,"date":"2026-06-11T00:00:45","date_gmt":"2026-06-11T00:00:45","guid":{"rendered":"https:\/\/www.theregister.com\/a\/5253873"},"modified":"2026-06-11T00:00:45","modified_gmt":"2026-06-11T00:00:45","slug":"chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/","title":{"rendered":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/image.theregister.com\/5226078.jpg?imageId=5226078&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" class=\"ff-og-image-inserted\"><\/div>\n<p>Multiple reports indicate that Chinese operatives continue using every tech tool at their disposal \u2013 including American AI&nbsp;\u2013 to amass data on and manipulate everyone from security-clearance holders to everyday US citizens. And they\u2019re trying to influence public opinion on building datacenters for AI, albeit without success so far.<\/p>\n<p>One of these reports found a \u201csignificant resurgence\u201d of a botnet linked to Chinese government-backed goons, including <a href=\"https:\/\/www.theregister.com\/security\/2025\/03\/12\/this-is-the-fbi-chinas-volt-typhoon-is-on-your-network\/804368\">Volt Typhoon<\/a>, which previously used a covert network of connected devices to burrow deep into critical US networks and preposition for <a href=\"https:\/\/www.theregister.com\/2024\/02\/07\/us_chinas_volt_typhoon_attacks\/\">future destructive attacks<\/a>.<\/p>\n<p>In January 2024, the FBI said it killed Volt\u2019s <a href=\"https:\/\/www.theregister.com\/2024\/01\/31\/volt_typhoon_botnet\/\">KV-botnet<\/a>, comprised of hundreds of end-of-life routers and other internet-connected devices. At the time, KV-botnet consisted of four clusters, with the KV cluster primarily being used as a covert data transfer network, and the JDY cluster used for scanning and reconnaissance.&nbsp;<\/p>\n<p>In a Wednesday report, Lumen\u2019s Black Lotus Labs said that while the KV cluster became largely <a href=\"https:\/\/www.lumen.com\/blog\/en-us\/kv-botnet-dont-call-comeback\" rel=\"nofollow\">defunct<\/a> after the law enforcement takedown, the JDY cluster remains an active threat, and has since surged to more than 1,500 compromised routers and IoT devices.<\/p>\n<p>\u201cAnalysis of this activity shows a clear focus on identifying vulnerable infrastructure shortly after public vulnerability disclosures, suggesting that reconnaissance output is rapidly operationalized by China-nexus advanced persistent threat (APT) actors,\u201d the threat intel team <a href=\"https:\/\/www.lumen.com\/blog\/en-us\/expanded-jdy-iot-and-soho-botnet-enables-rapid-vulnerability-exploitation\" rel=\"nofollow\">wrote<\/a>. \u201cThis targeted focus has been observed across a range of sectors, with the US military and associated entities as the most prominent.\u201d<\/p>\n<p>While the botnet resurgence poses the most pressing threat, and the security shop recommends all enterprises implement CISA and NCSC guidance for <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2024-03\/aa24-038a_csa_prc_state_sponsored_actors_compromise_us_critical_infrastructure_3.pdf\" rel=\"nofollow\">mitigating Volt Typhoon activity<\/a> and <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa26-113a\" rel=\"nofollow\">defending against China-nexus covert networks of compromised devices<\/a>, another report indicates that China\u2019s attempts at influence operations haven\u2019t died down, either.<\/p>\n<h3>Using American AI for covert ops about \u2026 American AI<\/h3>\n<p>OpenAI in a Wednesday <a href=\"https:\/\/cdn.openai.com\/pdf\/96b559fa-c165-4575-805d-e636909e2f78\/June-2026-Threat-Report.pdf\" rel=\"nofollow\">report<\/a> said it banned ChatGPT accounts likely originating from China after they used the American AI company\u2019s models to generate content for covert operations about \u2013 wait for it&nbsp; \u2013 American AI. While neither of the two clusters seemed to have much success in sowing chaos or swaying opinions, the fact that they tried at all is significant, according to Ben Nimmo, principal investigator on OpenAI\u2019s Intelligence and Investigations team.<\/p>\n<p>\u201cNeither campaign appears to have gained much authentic engagement,\u201d Nimmo told reporters. \u201cThey&#8217;re important for what they reveal about the intentions of influence operators from China and the narratives they&#8217;re testing and seeking to amplify.\u201d<\/p>\n<p>The first cluster used ChatGPT to generate social media content and images for an operation claiming datacenters and AI applications are increasing electricity demand and causing higher costs for ordinary Americans.<\/p>\n<p>\u201cFor example, they asked for comic strips about a power grid operator\u2019s capacity auction prices based on reporting from a legitimate regional paper,\u201d the report says. \u201cThey asked ChatGPT to focus the comments on rising capacity prices as a consequence of peak electricity demand, framing the new demand as coming from data centers and AI applications and argued that these costs were ultimately passed to ordinary households.\u201d<\/p>\n<p>The operators then posted these comments and images on X, likely using fake accounts, with links to real news stories about datacenters.&nbsp;<\/p>\n<p>OpenAI suspects the operators are part of a social-media team at a private Chinese tech company that provides services for Chinese provincial-level government clients.&nbsp;<\/p>\n<p>\u201cThis was not a case of an influence operation creating a debate,\u201d Nimmo said. \u201cThe debate existed already. This was an influence operation from China trying to interfere in it. We didn&#8217;t see any signs that they succeeded.\u201d<\/p>\n<p>The second cluster of banned ChatGPT accounts also likely originated in China and used OpenAI\u2019s models to write comments and draw political cartoons criticizing US tech policies and tariffs. \u201cInterestingly, the operators specified in their prompts that the content should not include cartoons of Xi Jinping in the output and should only include President Trump,\u201d Nimmo said.<\/p>\n<p>These accounts, all writing prompts in simplified Chinese and using VPNs to access the AI systems, also used ChatGPT to edit work reports and help design social media monitoring systems. \u201cThis isn&#8217;t the first time that we&#8217;ve seen actors in China trying to come up with ideas for social media monitoring,\u201d Nimmo said.<\/p>\n<p>In February, OpenAI said it banned ChatGPT accounts believed to be linked to Chinese government entities attempting to <a href=\"https:\/\/www.theregister.com\/security\/2025\/10\/07\/openai-bans-some-chinese-russian-accounts-using-ai-for-evil\/1226190\">use AI models to surveil<\/a> individuals and social media accounts.<\/p>\n<h3>If AI doesn&#8217;t work, bribery might?<\/h3>\n<p>If Chinese agents can\u2019t use AI systems to unearth sensitive information, there are always fake websites and job offers <a href=\"https:\/\/www.theregister.com\/security\/2026\/06\/04\/five-eyes-china-expanding-state-secret-recruitment-campaign\/5250978\">promising cash for state secrets<\/a>. We\u2019ve seen Beijing-linked government snoops <a href=\"https:\/\/www.theregister.com\/on-prem\/2025\/05\/17\/attn-fired-us-govt-workers-uncle-xi-wants-you\/1413156\">use these tactics in the past<\/a>, and according to the US Justice Department, they\u2019re still using this scam (because it works).<\/p>\n<p>On Wednesday, the feds said they obtained a warrant for and seized 13 fake consulting company websites used to target US persons, including current and former security clearance holders with access to classified and sensitive government information.<\/p>\n<p>The domains include centrikglobalconsulting.com, rightinfoconsult.com, finnaclevesperconsulting.com, cydfconsulting.com, pulsewaveglobal.com, catalystglobalsolutions.com, thehorizzen.com, geoindopacific.com, gpf-ina.org, safesec-group.com, thetruthinfo.com, Vandercons.com, and gulfpeace.org.&nbsp;&nbsp;<\/p>\n<div data-element-guid=\"afe083ca-6701-48e9-9bd8-f8827dd7fb42\" class=\"lab4 column articleList layout_vertical imageLayout_left small-12 large-12 small-abs-12 large-abs-12 abs_grid_12 grid-vas-start mobile-grid-vas-start\">\n<div class=\"content border_width_0 border_width_mobile_0 border-radius-48 border-radius-mobile_48\">\n<h2 class=\"article-list-title t19 font-RobotoCondensed\">MORE CONTEXT<\/h2>\n<\/p><\/div>\n<\/div>\n<p>Since November 2023, these websites and associated job postings on social media, LinkedIn, and other hiring platforms advertised \u201cconsulting\u201d jobs, including \u201cSenior Analyst\u201d and \u201cInternational Affairs Consultant\u201d positions.<\/p>\n<p>Suspected PRC operatives used the sites and job listings to recruit applicants and bribe them for sensitive information, DOJ alleges. \u201cThe conspirators have encouraged applicants and recruits to share confidential and sensitive information in violation of their official duties and of particular interest to the People&#8217;s Republic of China (PRC) government,\u201d according to the <a href=\"https:\/\/www.justice.gov\/usao-dc\/media\/1445291\/dl?inline\" rel=\"nofollow\">court documents<\/a>. \u201cThe recruiters pressured candidates to share confidential information and reports from \u2018insider sources&#8217; in violation of their official duties.\u201d&nbsp;<\/p>\n<p>The court documents allege the conspirators then paid the recruits for these reports using online accounts in the names of fictitious individuals, and cryptocurrency to hide their identities and the source of the payments.&nbsp;\u00ae<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/image.theregister.com\/?imageId=5226078&#038;width=800\">READ MORE <a href=\"https:\/\/www.theregister.com\/security\/2026\/06\/11\/china-linked-operators-revive-botnet-stir-ai-datacenter-debate\/5253873\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> PRC eyes are watching you READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":60841,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[307],"class_list":["post-60840","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-11T00:00:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/image.theregister.com\/5226078.jpg?imageId=5226078&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate\",\"datePublished\":\"2026-06-11T00:00:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/\"},\"wordCount\":1025,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg\",\"keywords\":[\"Security\"],\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/\",\"name\":\"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg\",\"datePublished\":\"2026-06-11T00:00:45+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg\",\"width\":100,\"height\":50},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/","og_locale":"en_US","og_type":"article","og_title":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-06-11T00:00:45+00:00","og_image":[{"url":"https:\/\/image.theregister.com\/5226078.jpg?imageId=5226078&amp;x=0&amp;y=0&amp;cropw=100&amp;croph=100&amp;panox=0&amp;panoy=0&amp;panow=100&amp;panoh=100&amp;width=1200&amp;height=683","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate","datePublished":"2026-06-11T00:00:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/"},"wordCount":1025,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg","keywords":["Security"],"articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/","url":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/","name":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg","datePublished":"2026-06-11T00:00:45+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate.jpg","width":100,"height":50},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/chinese-agents-caught-rebuilding-botnets-and-stirring-the-pot-on-ai-datacenter-debate\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/security\/"},{"@type":"ListItem","position":3,"name":"Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60840"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60840\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/60841"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60840"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60840"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}