Volt Typhoon rebuilds malware botnet following FBI disruption

November 12, 2024 at 10:55AM Volt Typhoon, a Chinese state-sponsored hacking group, is rebuilding its KV-Botnet after earlier disruptions. Targeting outdated Cisco and Netgear routers, they have compromised roughly 30% of exposed devices. Researchers recommend replacing old routers and enhancing security measures to mitigate this persistent threat.

U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

February 4, 2024 at 12:19PM The U.S. government neutralized the China-linked Volt Typhoon botnet hijacking U.S.-based SOHO routers vulnerable due to end-of-life status. The botnet facilitated covert data transfer through compromised routers and VPN hardware, impacting critical infrastructure sectors. Law enforcement efforts aimed to disrupt the botnet’s activities, emphasizing the need for secure-by-design practices in …

FBI disrupts Chinese botnet by wiping malware from infected routers

January 31, 2024 at 12:50PM The FBI disrupted the KV Botnet, used by Chinese state hackers to target U.S. critical infrastructure, by hijacking small home office devices, including routers and IP cameras. This enabled the hackers to evade detection and launch attacks. The FBI’s operation, authorized by a court order, cut off the compromised devices …

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

December 15, 2023 at 09:54AM A new botnet named KV-botnet, compromising firewalls and routers from various manufacturers, is used for covert data transfer by advanced persistent threat actors, particularly the China-linked threat actor Volt Typhoon. The botnet’s two clusters target high-profile victims and utilize IP addresses based in China. The operators also focus on removing …

Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov’t Entities

December 14, 2023 at 05:20PM Lumen’s Black Lotus Labs recently identified the KV-Botnet, a sophisticated Internet of Things (IoT) botnet targeting US government and communications organizations. The botnet infects network devices from various vendors and is connected to the Chinese state-aligned Volt Typhoon threat actor. It features advanced stealth mechanisms and the ability to deploy …

Stealthy KV-botnet hijacks SOHO routers and VPN devices

December 13, 2023 at 05:50PM The Chinese state-sponsored hacking group Volt Typhoon, also known as Bronze Silhouette, has been linked to the sophisticated botnet ‘KV-botnet’ since 2022. The group targets SOHO routers, firewalls, and VPN devices, aiming to disrupt critical communications infrastructure. The botnet’s activities indicate a focus on espionage and information gathering, with recent …