Volt Typhoon returns with fresh botnet attacks on critical US infrastructure
The modus operandi
Volt Typhoon’s strategy is defined by its resilience and adaptability. Instead of retreating when detected, the group intensifies its foothold, exploiting long-overlooked vulnerabilities in legacy Cisco RV320/325 and Netgear ProSafe routers.
The PRC-backed hackers’ botnet infrastructure is built to avoid detection. They use servers across Europe and Asia-Pacific to mask their command-and-control (C2) operations. The group’s strategy includes hiding traffic through network providers in countries such as the Netherlands, Latvia, and Germany, the report said.
“Every layer of Volt Typhoon’s infrastructure is designed to blend malicious activities into everyday operations, making them difficult to detect and even harder to remove — especially in sectors like governments and critical infrastructure that still depend on outdated technology,” the report added.
Related
How SenseiNode Is Building Proof-of-Stake Infrastructure in Latin America
A lot of attention is paid to the decentralization of the Bitcoin network.Bitcoin miners should set up shop in a number of different jurisdictions in order to p
The Infrastructure of Racial Justice Is Under Attack. We Must…
President Donald Trump began February with a proclamation that Black History Month offered “an occasion to celebrate the contributions of so many Black Am
Bomb threat found “non-credible”: American Airlines after Delhi-bound flight diverted…
American Airlines has said that the "bomb threat on board", due to whi
Big infrastructure investment plans take shape in America
Amtrak and dozens of major industry partners representing construction, manufacturing, rail supply, engineering, and other sectors convened for an industr
