Microsoft says state-sponsored hackers penetrate critical U.S. infrastructure

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,449
A concerning cyber threat looms over the United States as Microsoft issues a warning about the successful infiltration of critical sectors of the nation's infrastructure by Chinese state-sponsored hackers. Going by the codename "Volt Typhoon," this hacking group has been operating since mid-2021, compromising various industries, including government institutions and communications organizations.

In a recent advisory, Microsoft shed light on the gravity of this breach, emphasizing the urgent need for immediate action to safeguard the affected sectors and mitigate potential future crises. This article delves into the details of this alarming cyber attack and its implications for national security.

The intricate nature of cyber warfare is laid bare as Chinese state-sponsored hackers unleash a relentless assault on U.S. infrastructure. Microsoft's advisory serves as a clarion call, signaling a dire situation that demands a swift response and heightened vigilance. Known as "Volt Typhoon," the hacking group has honed its tactics since 2021, methodically targeting critical industries and institutions with the aim of extracting valuable intelligence.
 

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,449
US law enforcement has disrupted the infrastructure of the notorious China-sponsored cyberattack group known as Volt Typhoon. The advanced persistent threat (APT), which FBI Director Christopher Wray said this week is "the defining cyber-threat of this era," is known for managing a sprawling botnet created by compromising poorly protected small office/home office (SOHO) routers.

The state-backed group uses it as a launchpad for other attacks, particularly on US critical infrastructure, because the botnet’s distributed nature makes the activity hard to trace. The FBI mimicked the attacker’s command-and-control (C2) network to send a remote kill switch to routers infected by the “KV Botnet” malware used by the group, it announced.

“The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet,” according to the FBI’s statement.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top