LAS VEGAS – The Terracotta commercial VPN, marketed in China under a number of different brand names, uses hacked servers to power its network and the network has become popular with advanced persistent threat groups, according to research released today by RSA Security.
“We don’t usually see commercial networks hacking into servers,” said Peter Beardmore, RSA’s senior consultant for threat intelligence marketing.
Terracotta also stands out because it keeps adding new IP addresses, and not publishing the data, he added. This is one of the things that makes it popular with cybercriminals.
“Most commercial VPN services publish their IP addresses,” Beardmore said. “And enterprises and governments can restrict access from those IP addresses.”