Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers

Episode sponsors:

• Binarly, the supply chain security experts (https://binarly.io)
• FwHunt (https://fwhunt.run)

Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers serving as a covert data transfer network for Volt Typhoon, a Chinese government-backed hacking group previously caught targeting US critical infrastructure.

Danny digs into the inner workings of the botnet, the global problem end-of-life devices becoming useful tools for malicious actors, and the things network defenders can do today to mitigate threats at this layer.

Links:

• Danny Adamitis on Twitter
• Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet
• Microsoft Catches Chinese .Gov Hackers Targeting US Critical Infrastructure
• The KV-botnet Investigation
• ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks
• Daniel Adamitis on LinkedIn