Volt Typhoon And Its Botnet Surge Back With A Vengeance
Arthur T Knackerbracket has processed the following story:
The digital break-in was discovered in June, according to Bloomberg, citing "two people familiar with the matter" who told the news outlet that the Singtel breach was "a test run by China for further hacks against US telecommunications companies."
In February, the feds and other nations' governments warned that the Beijing-backed crew had compromised "multiple" critical infrastructure orgs' IT networks in America and globally, and were preparing "disruptive or destructive cyberattacks" against those targets.
Volt Typhoon's targets include communications, energy, transportation systems, and water and wastewater systems.
"Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the US authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," the US, Canada, UK, Australia, and New Zealand said at the time.
More recently, another Chinese-government-backed group, Salt Typhoon, was accused of breaking into US telecom companies' infrastructure. These intrusions came to light in October with the spies reportedly breaching Verizon, AT&T, and Lumen Technologies, although all three have thus far declined to comment to The Register about the hacks.
Salt Typhoon also reportedly targeted phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican candidate Donald Trump and his running mate, JD Vance.
China's Volt Typhoon crew and its botnet are back, compromising old Cisco routers once again to break into critical infrastructure networks and kick off cyberattacks, according to security researchers.
The alert comes nearly ten months after the Feds claimed a victory against the Chinese government-linked miscreants, when the FBI infiltrated the operation and then remotely wiped the botnet.
At the time, the US Justice Department warned that Volt Typhoon had infected "hundreds" of outdated Cisco and Netgear boxes with malware so that the devices could be used to break into US energy, water, and other vital facilities. Plus, the crew had been targeting American critical organizations as far back as 2021.