SYMBOLCOMMON_NAMEaka. SYNONYMS

Volt Typhoon  (Back to overview)

aka: BRONZE SILHOUETTE

[Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. [Secureworks] BRONZE SILHOUETTE likely operates on behalf the PRC. The targeting of U.S. government and defense organizations for intelligence gain aligns with PRC requirements, and the tradecraft observed in these engagements overlap with other state-sponsored Chinese threat groups.


Associated Families
win.scanline sh.kv

References
2024-02-07CISACISA
MAR-10448362-1.v1 Volt Typhoon
ScanLine
2024-02-07LumenBlack Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV
2024-02-07CISACISA
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
ScanLine
2024-01-31Department of JusticeOffice of Public Affairs
U.S. Government Disrupts Botnet People’s Republic of China Used to Conceal Hacking of Critical Infrastructure
KV
2024-01-10SecurityScorecardSTRIKE Team
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days
KV
2023-12-13LumenBlack Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV
2023-05-24SecureworksCounter Threat Unit ResearchTeam
Chinese Cyberespionage Group BRONZE SILHOUETTE Targets U.S. Government and Defense Organizations
Volt Typhoon
2023-05-24MicrosoftMicrosoft Threat Intelligence
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Volt Typhoon

Credits: MISP Project