"Stealthy KV-Botnet Hijacks SOHO Routers and VPN Devices"
Volt Typhoon, also known as Bronze Silhouette, a Chinese state-sponsored Advanced Persistent Threat (APT) hacking group, has been linked to a botnet called KV-botnet, which it has been using since at least 2022 to attack Small Office Home Office (SOHO) routers in high-value targets. The APT mainly targets routers, firewalls, and Virtual Private Network (VPN) devices to proxy malicious traffic so that it blends in with legitimate traffic and thus goes undetected. According to a joint report by Microsoft and the US government, the attackers are building infrastructure that can be used to disrupt US communications infrastructure. This article continues to discuss the Volt Typhoon APT and its link to the KV-botnet.
Bleeping Computer reports "Stealthy KV-Botnet Hijacks SOHO Routers and VPN Devices"
Submitted by grigby1