Volt Typhoon returns with fresh botnet attacks on critical US infrastructure
The modus operandi
Volt Typhoon’s strategy is defined by its resilience and adaptability. Instead of retreating when detected, the group intensifies its foothold, exploiting long-overlooked vulnerabilities in legacy Cisco RV320/325 and Netgear ProSafe routers.
The PRC-backed hackers’ botnet infrastructure is built to avoid detection. They use servers across Europe and Asia-Pacific to mask their command-and-control (C2) operations. The group’s strategy includes hiding traffic through network providers in countries such as the Netherlands, Latvia, and Germany, the report said.
“Every layer of Volt Typhoon’s infrastructure is designed to blend malicious activities into everyday operations, making them difficult to detect and even harder to remove — especially in sectors like governments and critical infrastructure that still depend on outdated technology,” the report added.
Related
Big infrastructure investment plans take shape in America
Amtrak and dozens of major industry partners representing construction, manufacturing, rail supply, engineering, and other sectors convened for an industr
Trump demands 50% share of Ukraine’s revenues from critical minerals,…
President Trump has reportedly demanded half of Ukraine’s revenues from natural resources, ports and infrastructure as reparations for the billions
Amtrak and Private Sector Partners Join to Rebuild America’s Railroad…
About Amtrak® Amtrak is seizing a once-in-a-lifetime opportunity to transform rail and Retrain Travel. By modernizing, enhancing, and expan
A Fix for America’s Infrastructure Paralysis
In recent weeks, Elon Musk’s Department of Government Efficiency (DOGE) has moved to eli
