U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers

February 4, 2024 at 12:19PM The U.S. government neutralized the China-linked Volt Typhoon botnet hijacking U.S.-based SOHO routers vulnerable due to end-of-life status. The botnet facilitated covert data transfer through compromised routers and VPN hardware, impacting critical infrastructure sectors. Law enforcement efforts aimed to disrupt the botnet’s activities, emphasizing the need for secure-by-design practices in …

Feds Confirm Remote Killing of Volt Typhoon’s SOHO Botnet

February 1, 2024 at 04:54PM US law enforcement disrupted the China-sponsored cyberattack group Volt Typhoon, known for managing a botnet to launch attacks on US critical infrastructure. The FBI used a kill switch to delete the malware from routers and sever their connection to the botnet. However, experts believe the group will rebuild, but US …

China Infiltrates US Critical Infrastructure in Ramp-up to Conflict

February 1, 2024 at 03:35PM China is rapidly enhancing its military, including cyber operations, to deter and confront the United States. Chinese cyberattackers are increasingly targeting critical infrastructure, indicating a strategic shift in tactics. US officials and experts are deeply concerned about China’s disruptive cyber activities and the increasing difficulty in detecting these attacks. This …

FBI confirms it issued remote kill command to blow out Volt Typhoon’s botnet

January 31, 2024 at 02:27PM China’s Volt Typhoon cyber attackers utilized outdated Cisco and NetGear routers infected with malware to target US critical infrastructure facilities. The FBI intercepted the attack, harvested key data, then wiped the KV Botnet. FBI Director Christopher Wray warned of China targeting US communications, energy, transportation, and water sectors. Law enforcement …

We know nations are going after critical systems, but what happens when crims join in?

January 31, 2024 at 12:17PM Volt Typhoon, a Chinese-government-backed cyberespionage group, has been targeting US energy, satellite, and telecommunications systems, according to security firm Dragos’ CEO Robert Lee. The group’s tactics, which include a slow and strategic approach, have raised concerns about potential disruptions to critical infrastructure. Lee also highlighted the threat posed by the …

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

January 31, 2024 at 11:15AM CISA and the FBI have issued a warning to small office/home office (SOHO) router manufacturers to enhance security against attacks by Chinese state-backed hacking group Volt Typhoon. The agencies urge eliminating vulnerabilities, automating security updates, and safeguarding against Volt Typhoon activity. This follows ongoing attacks targeting U.S. critical infrastructure organizations …

Feds Reportedly Try to Disrupt ‘Volt Typhoon’ Attack Infrastructure

January 30, 2024 at 03:35PM The US government, with private sector collaboration, has been discreetly working to disrupt the dangerous China-linked threat group “Volt Typhoon,” attempting to disable the operation remotely. This action comes amidst concern about widespread hacking activities and the group’s potential to compromise US military operations and infrastructure in the Indo-Pacific region. …

US shorts China’s Volt Typhoon crew targeting America’s criticals

January 30, 2024 at 01:24PM The US Justice Department and FBI reportedly thwarted Chinese state-sponsored hackers targeting American critical infrastructure by obtaining a court order to remotely disable aspects of the Chinese hacking campaign. The hackers used vulnerable Internet-facing devices to access networks and steal sensitive data, prompting concerns about potential disruption of US critical …

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report 

January 30, 2024 at 09:42AM The US government has disrupted parts of a major hacking campaign linked to China, targeting critical infrastructure. The FBI and Justice Department have been authorized to disable aspects of a Chinese cyber operation called Volt Typhoon. This threat actor has reportedly targeted the US, UK, and Australia, leading to concerns …

China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments

January 11, 2024 at 10:41AM Chinese state-sponsored hackers are targeting government entities in the US, UK, and Australia by exploiting old vulnerabilities in Cisco routers, reports SecurityScorecard. The actors likely compromised one-third of observed vulnerable devices and may operate a much larger botnet than previously believed, as indicated by connections to government sites. The attacks …