Priya PatelTLDR:
- Chinese government hackers exploited a zero-day flaw in Versa Director software used by U.S. internet service providers.
- The group known as Volt Typhoon aims to disrupt critical infrastructure, including communication and telecom networks, in a potential conflict with the U.S.
In a recent discovery, security researchers found that Chinese government hackers targeted U.S. internet service providers using a zero-day exploit in Versa Director software made by Versa Networks. The group, known as Volt Typhoon, focuses on disrupting critical infrastructure, including communication and telecom networks, with the goal of causing harm in a potential conflict with the United States. The hackers’ aim was to steal and use credentials on downstream customers of compromised victims. The vulnerabilities have been patched, and the U.S. cybersecurity agency CISA has been alerted to the situation.
The hackers targeted central locations like ISPs and MSPs, which provide additional access to downstream customers. The group exploited a zero-day vulnerability in Versa Director, a software used by internet service providers and managed service providers, making Versa a critical target for hackers. The U.S. government officials have raised concerns about the hacking activities of groups like Volt Typhoon, especially in light of potential future conflicts. Overall, the discovery sheds light on the ongoing cybersecurity threats faced by critical infrastructure providers in the U.S.
