Back to Error Database
VOLT_TYPHOON_APT

Volt Typhoon Living-off-the-Land APT

CRITICAL Malware & Viruses ID: VIR-017

What is VOLT_TYPHOON_APT?

Volt Typhoon is a state-sponsored cyber actor that targets critical infrastructure. They use 'Living-off-the-Land' (LotL) techniques—using legitimate built-in administrative tools like PowerShell, wmic, and netsh—to blend in with normal system activity and maintain long-term undetected persistence.

Common Causes

Step-by-Step Fix Guide

Commands & Diagnostics

powershell.exe Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-PowerShell/Operational'; Id=4104} -MaxEvents 5 -ErrorAction SilentlyContinue
wevtutil.exe qe Microsoft-Windows-PowerShell/Operational /c:5 /f:text

Still Need Help?

Search our full database of 481+ documented PC errors for more solutions and step-by-step repair guides.

Search Error Database