Showing posts with label Volt Typhoon. Show all posts

Friday, April 5, 2024

Chinese hackers hid in US infrastructure network for 5 years

Article Title: Chinese hackers hid in US infrastructure network for 5 years
Snippet of Article: "...a technical guide with information on how to detect Volt Typhoon techniques and if they were used to compromise their organization's networks, as well as mitigation measures to secure them against attackers using Living Off the Land techniques. The Chinese threat group, also tracked as Bronze Silhouette, has been targeting and breaching U.S. critical infrastructure since at least mid-2021, according to a May 2023 report published by Microsoft. Throughout their attacks, they've also used a botnet of hundreds of small office/home offices (SOHO) across the United States (dubbed KV-botnet) to hide their malicious activity and evade detection...."


Source: www.bleepingcomputer.com

[tag] targeting and breaching U.S. critical infrastructure, Volt Typhoon, Infrastructure Issues Under China Cozy Biden Admin [/tag]

Thursday, January 11, 2024

Multiple US Government Entities Infected by Volt Typhoon-Linked SOHO Botnet

Article Title: Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov't Entities
Snippet of Article: "Researchers have discovered an Internet of Things (IoT) botnet linked with attacks against multiple US government and communications organizations. ...The "KV-Botnet," revealed in a report from Lumen's Black Lotus Labs, is designed to infect small-office home-office (SOHO) network devices developed by at least four different vendors. It comes built with a series of stealth mechanisms and the ability to spread further into local area networks (LANs). One notable subscriber is the Volt Typhoon advanced persistent threat (aka Bronze Silhouette), the headline-grabbing Chinese state-aligned threat actor known for attacks against US critical infrastructure. ..."


Source: www.darkreading.com

[tag] SOHO Botnet, Volt Typhoon, Cyber Attacks, China, KV-Botnet, Compromised VPNs [/tag]