Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers disrupted by US government

Blog
Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers disrupted by US government

The US government has successfully disrupted a botnet created by a Chinese hacking group known as Volt Typhoon. The botnet was responsible for cyber attacks on critical national infrastructure (CNI) organizations in the US and other countries.

According to a security alert from the US Office of Public Affairs, Volt Typhoon had hijacked hundreds of small-office/home office routers from Cisco and Netgear brands across America. These routers were infected with the KV Botnet malware, which allowed the hackers to disguise themselves as the source of subsequent attacks on CNI organizations in the US and overseas.

In May 2025, the UK National Cyber Security Centre (NCSC) and other international intelligence agencies issued guidance to CNI operators, urging them to take preventive measures against Volt Typhoon’s attempts to access and hide on their systems.

The botnet takedown was authorized by a US court in December 2023. It involved removing the malware from the affected routers and taking additional steps to block other devices from communicating with the botnet. FBI Director Christopher Wray stated that Volt Typhoon’s actions posed a threat to sectors such as communications, energy, transportation, and water, and emphasized the FBI’s commitment to combating such threats. Attorney General Merrick Garland also highlighted the Justice Department’s proactive approach to protecting the nation’s CNI.

Deputy Attorney General Lisa Monaco emphasized the Department of Justice’s use of various tools to disrupt national security threats in real-time. She also underscored the importance of partnership with the private sector, as victim reporting is crucial in fighting cyber crime.

Sandra Joyce, Vice-President of Intelligence at Mandiant, a cyber threat intelligence company owned by Google, explained that Volt Typhoon’s methods make it challenging to detect their activity. They use compromised systems to blend in with normal network activity and continuously change the source of their activity. Despite the difficulties, Joyce believes tracking and identifying their actions is not impossible.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
FeatureImage_Young_Woman_Holding_Credit_Card_and_Using_a_Laptop.jpg

Top 6 Credit Unions for Business Accounts in 2025

  • GLOBUS.studio
tr_20240220-consultio-pro-lifetime-access.jpg

Unlock Lifetime Access to 50+ AI Experts with Consultio Pro for Just $29.99!

  • GLOBUS.studio
huawei-featured-feb-25.jpg

Huawei Launches Its First Tri-Fold Smartphone Globally

  • GLOBUS.studio
tr_20230929-internxt-cloud-storage-lifetime-subscription-2tb-plan.jpg

Secure 2TB Lifetime Cloud Storage Plan from Internxt for Just $91!

  • GLOBUS.studio
tr_20250216-arm-cpu-qualcomm-nvidia.jpg

Arm Surprises Semiconductor Industry with Potential Plan to Sell Its Own Chips

  • GLOBUS.studio
strategy_a200792738.jpg

A Journey Toward Enhanced Data Engineering

  • GLOBUS.studio
tr_20241203-how-to-use-square.jpg

Understanding Square: Functionality and Purpose Explained

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources