China’s Cyber Typhoon: LapDogs Unleashed on Your Network!
Typhoons are brewing, but not the weather kind! China’s Volt Typhoon and Salt Typhoon are suspected of sneaking into US networks, using devices like old routers and IoT gadgets as cover. Their tool? A fake LAPD certificate. It’s a cybersecurity thriller with a twist: the Typhoons are here, and they’re not after umbrellas!
Hot Take:
Looks like China’s “Typhoon” crews are taking inspiration from the canine world with their new “LapDogs” campaign. These cyber hounds are cleverly using a phony LAPD badge to fetch sensitive data from unsuspecting networks. Who knew cyber espionage could be both sneaky and punny! Beware of rogue routers and barking backdoor access points!
Key Points:
- China’s ‘Typhoon’ crews are behind a stealthy campaign infecting 1,000 devices, primarily in the US and South East.
- The campaign uses a fake certificate allegedly from the LAPD to gain access to critical infrastructure.
- End-of-life routers, IoT devices, and SOHO devices are targeted to form an ORB network.
- Victims span across several sectors, including IT, media, and real estate, with the US, Japan, and South Korea being prime targets.
- The campaign exploits known vulnerabilities and uses a custom backdoor called ShortLeash for ongoing access.
Already a member? Log in here