Global botnets are being exploited by hackers – and they can even hide all evidence using ORB networks

Threat actors are continuously evolving their techniques to remain undetected when infiltrating organizations, with new research revealing how persistent groups like Volt Typhoon evade detection.

Mandiant has seen increased use of operational relay box networks (ORBs) to obscure indicators of compromise (IoC). These ORBs are essentially a botnet consisting of IoT devices, virtual private servers, smart devices, and older routers that no longer receive security updates.