The Androxgh0st botnet is reportedly being weaponised by government hackers based in China.The botnet rose to prominence after the Mozi botnet vanished last year.Androxgh0st can exploit vulnerabilities in IoT and web servers to create numerous operational issues such as data theft or mass-surveillance efforts.It managed to infiltrate 5% of organisations worldwide during November.Androxgh0st is expected to exploit between 75% and 100% more web application vulnerabilities than it currently does by mid-2025.It can target Linux, Windows and Mac systems simultaneously.Mozi's ability to target both web servers and IoT devices has made Androxgh0st much more potent than Mozi ever was.Moreover, it can manipulate devices and render them part of the botnet for purposes like large-scale DDoS attacks.Androxgh0st has also been used for large-scale data theft operations, posing a significant risk to industries reliant on critical infrastructure.Androxgh0st is expected to pose a threat for the foreseeable future and is hugely challenging for security teams to handle.