Chinese Hackers Exploit US Internet Firms in New Cyber Espionage Campaign
A Chinese hacking group known as Volt Typhoon has been targeting US internet companies since at least mid-June. Security researchers and US authorities believe the group has ties to the Chinese government. The attacks exploited a flaw in software used by several firms, raising concerns over widespread surveillance risks.
The campaign came to light after researchers at Lumen Technologies linked Volt Typhoon to the breaches with 'moderate confidence'. The group reportedly took advantage of a vulnerability in Versa Director, a product by California-based Versa Networks. Five companiesâfour in the USA and one in Indiaâwere compromised, though their names remain undisclosed.
The hackersâ primary goal was to monitor the customers of these internet providers. Doug Britton, CEO of cybersecurity firm RunSafe Security, warned that the access gained would enable broad, undetected surveillance. Versa Networks described the attackers as an 'advanced group of hackers', while former CISA executive director Brandon Wales noted a sharp increase in China's cyber operations.
US agencies, including the FBI and CISA, have previously identified Volt Typhoon as a state-backed actor working for China's Ministry of State Security (MSS). However, the Chinese Embassy dismissed these claims, labeling the group as independent cybercriminals.
The attacks highlight ongoing tensions over cyber espionage between China and Western nations. Security experts continue to assess the full impact of the breaches, while affected companies work to patch the exploited vulnerability. Authorities have yet to confirm whether sensitive data was stolen during the campaign.
