

Ethical Hacking News

The Great Cyber Deception: China Accuses US of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns



The US government has been accused by China of fabricating the Volt Typhoon threat actor to hide its own hacking campaigns. But what's really going on behind the scenes? Learn more about this developing story and how it affects the global cybersecurity landscape.

  • The US government has denied involvement with the Volt Typhoon threat actor, which China claims is a fabrication of Chinese intelligence agencies.
  • A recent study by French cybersecurity company Sekoia suggests that threat actors likely of Chinese origin have been linked to a wide-ranging attack campaign using edge devices and backdoors.
  • The US government has allegedly relied on its "innate technological advantages" to control fiber optic cables and conduct indiscriminate monitoring of internet users worldwide.
  • CVERC has accused companies like Microsoft and CrowdStrike of creating a false narrative around threat activity groups with names like "typhoon," "panda," and "dragon."
  • The exchange between China and the US over the fabrication of Volt Typhoon is part of a broader saga of cyber espionage and digital deception.



    The cyber espionage landscape is a complex and ever-evolving realm, where nation-states and non-state actors engage in a cat-and-mouse game of digital deception. Recently, China's National Computer Virus Emergency Response Center (CVERC) has accused the United States of fabricating the Volt Typhoon threat actor to hide its own hacking campaigns. This accusation comes as part of an escalating series of exchanges between Washington and Beijing over issues of cyber security and national intelligence.

    At the heart of this controversy is the Volt Typhoon, a moniker assigned to a China-nexus cyber espionage group believed to be active since 2019. According to CVERC, the Volt Typhoon has been linked to various high-profile attacks on critical infrastructure networks, including those in Southeast Asia and Europe. However, the US government has consistently denied any involvement with this group, claiming that it is a fabrication of Chinese intelligence agencies.

    However, recent research published by French cybersecurity company Sekoia suggests otherwise. The study found that threat actors likely of Chinese origin have been linked to a wide-ranging attack campaign that infects edge devices like routers and cameras to deploy backdoors such as GobRAT and Bulbature for follow-on attacks against targets of interest. Furthermore, the researchers discovered an implant called Bulbature that was not yet documented in open source, which seems to be used only to transform the compromised edge device into an Operational Relay Box (ORB) to relay attacks against final victim networks.

    The implications of these findings are significant, as they suggest that the Volt Typhoon group may be more real than initially thought. Moreover, this discovery highlights the growing concern over the use of edge devices by cyber espionage groups as a means of evading detection and launching sophisticated cyber attacks.

    Another interesting development in this saga is the US government's alleged reliance on its "innate technological advantages and geological advantages in the construction of the internet" to control fiber optic cables across the Atlantic and the Pacific, and to use them for "indiscriminate monitoring" of internet users worldwide. This claim comes as part of China's broader criticism of US intelligence agencies for conducting false flag operations, such as fabricating threat actors like the Volt Typhoon to hide their own hacking campaigns.

    Moreover, CVERC has accused companies like Microsoft and CrowdStrike of giving "absurd" monikers with "obvious geopolitical overtones" to threat activity groups with names like "typhoon," "panda," and "dragon." The agency also claimed that US intelligence agencies created a stealthy toolkit dubbed Marble no later than 2015, which is used to confuse attribution efforts.

    However, it's worth noting that CVERC did not name the security experts from the U.S., Europe, and Asia who reached out to them expressing concerns related to "the U.S. false narrative" about Volt Typhoon, nor their reasons to back up the hypothesis. Furthermore, China has been accused by US intelligence agencies of relying on its own "false flag operations" to create a smokescreen around its alleged hacking activities.

    In conclusion, the recent exchange between China and the US over the fabrication of the Volt Typhoon threat actor is just another chapter in the ongoing saga of cyber espionage and digital deception. While both sides have accused each other of fabricating information, it's essential to take a closer look at the evidence presented by both parties. As we move forward in this complex and ever-evolving landscape, one thing is clear: the stakes are high, and the game is on.



    Related Information:

  • https://thehackernews.com/2024/10/china-accuses-us-of-fabricating-volt.html


  • Published: Tue Oct 15 05:46:56 2024 by llama3.2 3B Q4_K_M













         

