CyberWire Daily cover image

CyberWire Daily

Botnet’s back, tell a friend. [Research Saturday]

Mar 8, 2025
Silas Cutler, Principal Security Researcher at Censys, dives into the enigmatic Volt Typhoon and its botnet, KV. He explains how the FBI's efforts disrupted infected systems without affecting the control infrastructure, suggesting a stealthy operator behind the scenes. Analysis reveals shifts in the botnet’s control servers in response to law enforcement. The conversation also tackles the challenges of attributing cyber threats, the strategic use of U.S. hosting for disguise, and the surprising links between patent databases and cybersecurity vulnerabilities.
22:47
Creator website

Episode guests

Silas Cutler

Podcast summary created with Snipd AI

Quick takeaways

  • Volt Typhoon exhibits sophisticated operations by employing manual techniques and maintaining consistent SSL certificates for tracking, indicating strategic planning amid disruptions.
  • The FBI's efforts against the KV Botnet highlight the challenges of targeting infrastructure, as Volt Typhoon's servers remain elusive and largely stable despite attempts to disrupt them.

Deep dives

Understanding Volt Typhoon's Operations

Volt Typhoon is identified as a threat actor operating primarily from China, employing unique tradecraft that differentiates it from other cybercriminals. This group often conducts operations manually, using available tools within targeted networks rather than relying on traditional malware. A key aspect of their operations can be seen in their first stage malware, which communicates through a consistent SSL certificate, allowing researchers to track their servers effectively. The unusual decision to maintain this certificate after a noted disruption by the FBI suggests a level of strategic planning or contractual constraints that may limit their operational changes.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode