Chinese hackers Volt Typhoon are back, and rebuilding their botnet to target new victims

0
8


  • Volt Typhoon is rapidly rebuilding its botnet of legacy routers
  • Traffic is being obscured through webshells and MIPS-based malware
  • Critical infrastructure needs to upgrade away from EOL devices

US allies and authorities recently dismantled parts of a network of legacy routers in small offices and home offices (SOHO) infected with the KV Botnet malware, used by the notorious Volt Typhoon group to target US critical infrastructure.

However, a huge new botnet targeting the same vulnerable legacy edge devices within critical infrastructure is rapidly growing, and Security Scorecard’s STRIKE Team thinks it is Volt Typhoon emerging from the ashes.

LEAVE A REPLY

Please enter your comment!
Please enter your name here