Chinese state-sponsored hackers have used a critical zero-day vulnerability to infiltrate and infect American internet companies and service providers. Cybersecurity experts with Lumen Technologies said the sophisticated attack is attributed to the group “Volt Typhoon” and aims to compromise critical U.S. infrastructure, steal credentials, and potentially disrupt U.S. military capabilities in future conflicts, particularly concerning Taiwan.
At least four U.S.-based organizations and one in India have been impacted by the vulnerability. The attacks began as early as June 12, 2024. The attackers used a highly advanced custom web shell called “VersaMEM,” sophisticated malware that focuses on credential theft and poses a significant threat to targeted networks and their users.
Cybersecurity experts said the attacks’ sophistication shows global cyber warfare is escalating, with critical infrastructure as the primary target.
In a blog post, Lumen gave several recommendations for proactive steps American companies can take to protect themselves against hacking. Among them is the proper implementation of firewall guidelines, which could prevent exploitation.