purplehaze
PurpleHaze’s Dynamic ORB Networks: Advanced Tactics, Detection Challenges, and Mitigation Strategies
PurpleHaze, an emerging Chinese state-sponsored threat group, operates highly dynamic multi-hop ORB networks that blend compromised IoT devices (notably SOHO routers with vulnerable firmware) and provisioned VPS to obscure command-and-control (C2) infrastructure.