U.S. Disrupts Chinese Botnet That Hijacks SOHO Routers


In a decisive action, the U.S. Department of Justice (DOJ) has disrupted a cyber operation by Chinese state-sponsored hackers.

This operation, codenamed Volt Typhoon, targeted American critical infrastructure using a vast network of compromised routers.

Hundreds of small office/home office (SOHO) routers, primarily Cisco and Netgear models past their “end-of-life” status, were infected with the “KV Botnet” malware.

This malware served as a hidden gateway, allowing the attackers to conceal their activities and target critical infrastructure across the nation.


Taking Back Control: A Court-Authorized Cleanup:

Through a landmark court order, the DOJ conducted a meticulous operation to dismantle this cyber threat. 

The compromised routers were remotely accessed and cleansed of the malicious software. 

Additionally, measures were taken to sever their connection to the botnet, effectively neutralizing them as tools for further attacks.

A Multi-Pronged Defense:

This operation went beyond mere malware removal. The DOJ and its partners, including the FBI, CISA, and private sector entities, are proactively safeguarding critical infrastructure and educating the public. 

Here’s a breakdown of their efforts:

  • Victim Notification: All router owners affected by the operation are being notified, ensuring awareness and potential mitigation actions.
  • Public Awareness: Extensive guidance is being released to help individuals and organizations identify and address network vulnerabilities.
  • Cyber Hygiene Emphasis: The importance of timely security updates and replacing outdated equipment is being stressed to prevent future exploitation.


