FBI-Led Operation Disrupts Russian GRU Botnet

Published : 23/11/2024   Category : security




Cyclops Blink operation disabled firewalls behind the Sandworm hacking team's network of infected victim devices.



The FBI in March targeted and disabled the command and control communications of a botnet controlled by the infamous Russian General Staff Main Intelligence Directorate (GRU) hacking team Sandworm, the US Department of Justice (DoJ) announced today.
The botnet used WatchGuard Technologies and ASUSTek Computer (ASUS) firewalls compromised with the so-called Cyclops Blink malware, which the Cybersecurity and Infrastructure Security Agency (CISA) first warned about on Feb. 23. In an FBI-led operation, officials removed Cyclops Blink malware from the compromised firewalls that gave Sandworm potential access to systems within the firewall operators' networks.
WatchGuard and ASUS both issued detection and guidance for their firewall customers on Feb. 23, but most of the thousands of devices on the botnet were still infected as of March.
In addition to removing the malware from the devices, the FBI also shut the remote management ports Sandworm had set up for accessing the devices. That stopped the Sandworm team from reaching the devices, but WatchGuard and ASUS device owners still must execute the detection and remediation steps provided by the two vendors to ensure Sandworm can't still abuse the devices, the DoJ said.
"If you believe you have a compromised device, please contact your local FBI Field Office for assistance. The FBI continues to conduct a thorough and methodical investigation into this cyber incident," the DoJ stated in its press advisory on the operation.
Cyclops Blink replaced a previous Sandworm botnet that ran on VPNFilter, which the DoJ sinkholed in May 2018.
