Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days [Tuesday, January 16, 2024]

Approximately 30% of the Cisco RV320/325 devices observed by SecurityScorecard in a 37-day period may have been compromised by Volt Typhoon. The Ci...
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days [Tuesday, January 16, 2024]
Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days
Report

Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

Description :
Approximately 30% of the Cisco RV320/325 devices observed by SecurityScorecard in a 37-day period may have been compromised by Volt Typhoon. The Cisco RV320/325 vulnerability was publicly disclosed in January 2019. The devices are end-of-life, so Cisco has not released and will not release software updates to address vulnerabilities affecting them.

Published Created Modified
2024-01-16 11:43:05 2024-01-16 11:43:05 2024-01-16 11:56:55

Tags

Indicators

IPv4s :
  • 61.2.141.161
  • 70.60.30.222
  • 24.212.225.54
  • 94.125.218.19
  • 184.67.141.110
  • 46.10.197.206
  • 45.63.60.39
  • 212.11.106.139
  • 80.64.80.169
  • 194.50.159.3
  • 114.143.222.242
  • 117.211.166.22
  • 117.239.157.74
  • 183.82.110.178
  • 49.204.73.250
  • 82.117.159.158
  • 49.204.75.92
  • 192.149.47.110
  • 49.204.65.90
  • 93.62.0.77
  • 208.97.106.10
  • 49.204.75.90
  • 89.203.140.246
  • 176.102.35.175
  • 210.212.224.124
Hashes :
  • 7043ffd9ce3fe48c9fb948ae958a2e9966d29afe380d6b61d5efb826b70334f5
  • 36c63d0c2a78497ccf555e84f0233a514943faeff38281d99d00baf5df23f184
Intrusion set :
  • Volt Typhoon
Location :
  • Australia
  • United Kingdom of Great Britain and Northern Ireland
  • United States of America
MITRE ATT&CK Techniques :

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.