It’s not funny. A new malware named “Gayfemboy” has turned out to be one of 2025’s nastier cybersecurity threats. First detected in February 2024, it has been spotted spreading in the U.S., Mexico, Brazil, France, Germany, Switzerland, and Vietnam, Them reports. After a slew of cyberattacks in January this year, Gayfemboy attacked again in July.
According to cybersecurity company Fortinet, the malware targets a broad range of industries, including manufacturing, technology, and media. It infects everyday routers and networking gear from providers like Cisco and TP-Link by exploiting software flaws.
At this point, depending on your tastes and preferences, you might be thinking of letting Gayfemboy in.
But once inside, Gayfemboy adds connected devices to a botnet, or a digital network of hacked devices that attackers can control remotely as one massive system. From there, it can unleash distributed denial-of-service (DDoS) attacks, which bombard websites or servers with such a high volume of traffic that they become inaccessible. In some cases, it also installs cryptocurrency-mining software, quietly draining resources to generate digital coins for its operators.
Gayfemboy is also quite slippery. According to Them, it can rename files and restart itself if shut down. Fortinet also states that the malware can wait up to 27 hours before activating to evade detection, and even wipe out competing malware to maintain exclusive control of a device. It also communicates with its operators through domains with names like “i-kiss-boys,” “furry-femboys,” and “twinkfinder.”
For now, Fortinet and other cybersecurity services are leading the response by blocking domains, issuing patches, and urging organizations to secure their networks.
Fortinet stated that Gayfemboy is similar to a known malware called Mirai, which was first discovered attacking Minecraft servers in 2016. But the new malware is more complex, which only “reflects the increasing sophistication of modern malware.”
As of writing, there are no reports of the malware in the Philippines, but it doesn’t mean we shouldn’t update our antivirus software.
