NEW: Security researchers say they found evidence that Chinese government-linked hacking group Volt Typhoon used a zero-day to target ISPs in the U.S. and India.
The goal was to steal the credentials of the ISPs downstream customers, to do more targeted hacking.
“This wasn’t limited to just telecoms, but managed service providers and internet service providers,” said Mike Horka, the Black Lotus Labs' researcher who found the hacking campaign. “These central locations that they can go after, which then provide additional access.” Horka said these internet and networking companies are targets themselves, “very likely because of the access that they could potentially provide to additional downstream customers.”