State hackers turn to massive ORB proxy networks to evade detection

May 22, 2024 at 01:40PM

China-linked state-backed hackers are using operational relay box (ORB) networks as proxy meshes for cyberespionage operations. These ORBs involve hybrid combinations of VPS services and compromised IoT devices. Two networks, ORB3/SPACEHOP and ORB2/FLORAHOX, are being used for reconnaissance and vulnerability exploitation, creating challenges for detection and attribution. Attackers are evading …

Chinese ‘ORB’ Networks Conceal APTs, Render Static IoCs Irrelevant

May 22, 2024 at 10:04AM

Chinese threat actors have advanced anti-analysis techniques using operational relay box networks (ORBs) composed of virtual private servers and compromised devices. Mandiant reports an increase in their use, prompting defenders to reevaluate traditional threat monitoring methods. ORBs are maintained by private companies or the Chinese government and consist of five …