Volt Typhoon returns with fresh botnet attacks on critical US infrastructure
The modus operandi
Volt Typhoon’s strategy is defined by its resilience and adaptability. Instead of retreating when detected, the group intensifies its foothold, exploiting long-overlooked vulnerabilities in legacy Cisco RV320/325 and Netgear ProSafe routers.
The PRC-backed hackers’ botnet infrastructure is built to avoid detection. They use servers across Europe and Asia-Pacific to mask their command-and-control (C2) operations. The group’s strategy includes hiding traffic through network providers in countries such as the Netherlands, Latvia, and Germany, the report said.
“Every layer of Volt Typhoon’s infrastructure is designed to blend malicious activities into everyday operations, making them difficult to detect and even harder to remove — especially in sectors like governments and critical infrastructure that still depend on outdated technology,” the report added.
Related
‘Stargate’ Joint Venture to Invest in U.S. AI Infrastructure
WASHINGTON — President Donald Trump on Tuesday talked up a joint venture investing up to $500 billion for infrastructure tied to artificial intelligence by a
Trump announces a $500 billion AI infrastructure investment in the…
New York CNN — Three top tech firms on Tuesday announced that they will create a new
SoftBank and OpenAI back sweeping AI infrastructure project in US
Unlock the White House Watch newsletter for freeYour guide to what the 2024 US election means for Washington and the worldOpenAI and SoftBank on Tuesday said th
Biden issues second AI action during final week in office…
President Biden on Tuesday signed an ambitious executive order that he says will keep both national security and climate change in mind while fast-tracking the
