Home United States USA — IT The infamous Volt Typhoon hacker group is back

The infamous Volt Typhoon hacker group is back

93
0
SHARE

After being targeted by a law enforcement operation in early 2024, researchers warn Volt Typhoon is back and stronger than ever
A botnet operated by the Volt Typhoon threat group, used to target critical national infrastructure around the world, has reappeared after being severely disrupted earlier this year, according to a new report.
The network of compromised network devices, orchestrated by the Chinese state-affiliated threat collective, consisted of hundreds of US-based small office/home office (SOHO) routers, and was used to attack critical-national infrastructure in the region.
Global law enforcement agencies targeted the botnet in a joint operation carried out in January 2024, “wiping out the KV Botnet from hundreds of routers nationwide”, according to the statement released by the US Justice Department’s Office for Public Affairs.
But findings from a new report indicate the group has been able to get back up and running quickly, setting up new infrastructure for malicious activity.
On 12 November, SecurityScorecard declared its threat intelligence ‘STRIKE’ team had recently observed the group exploiting outdated Cisco RV320/325 and Netgear ProSafe routers, described as “perfect entry points” for cyber criminals.

Continue reading...