China's Volt Typhoon Reestablishes Botnet After US Disruption

China’s Volt Typhoon Rebuilds Botnet After US Takedown. Nine months after a US-led disruption, the Chinese state-sponsored group Volt Typhoon is reportedly more sophisticated and determined, having reestablished its botnet using compromised legacy routers. Security analysts from SecurityScorecard have noted that the group is exploiting vulnerabilities in outdated Cisco and Netgear devices to facilitate covert operations targeting critical national infrastructure. With new command servers and advanced obfuscation techniques, Volt Typhoon poses a significant threat, particularly to governmental and critical infrastructure sectors, which remain vulnerable due to reliance on legacy technology.