WASHINGTON — The US Federal Bureau of Investigation (FBI) has wrested control of thousands of routers and firewall appliances away from Russian military hackers by hijacking the same infrastructure Moscow’s spies were using to communicate with the devices, US officials said on Wednesday.
An unsealed redacted affidavit described the unusual operation as a pre-emptive move to stop Russian hackers from mobilizing the compromised devices into a “botnet” — a network of hacked computers that can bombard other servers with rogue traffic.
“Fortunately, we were able to disrupt this botnet before it could be used,” US Attorney General Merrick Garland said.
The Russian Embassy in Washington did not immediately return an email seeking comment.
The targeted botnet was controlled through malware called Cyclops Blink, which US and UK cyberdefense agencies had publicly attributed in late February to “Sandworm,” allegedly one of the Russian military intelligence service’s hacking teams that has repeatedly been accused of carrying out cyberattacks.
Cyclops Blink was designed to hijack devices made by WatchGuard Technologies Inc. and ASUSTeK Computer Inc., according to research by private cybersecurity firms. It provides Russian services with access to those compromised systems, offering the ability to remotely exfiltrate or delete data or turn the devices against a third party.
WatchGuard issued a statement confirming it worked with the US Justice Department to disrupt the botnet but did not disclose the number of devices affected — saying only that they represented “less than 1 percent of WatchGuard appliances.”
ASUSTeK, better known as Asus, did not immediately return messages seeking comment.
FBI Director Chris Wray told reporters the FBI, with court approval, secretly reached into thousands of routers and firewall appliances to delete the malware and reconfigure the devices.
“We removed malware from devices used by thousands of…