• FBI disrupts 'Sandworm' infected Russian military botnet

    From Big Bad Bombastic Bob@21:1/5 to All on Thu Apr 7 00:08:02 2022
    https://www.foxnews.com/world/fbi-disrupts-russian-military-hackers-preventing-botnet-amid-ukraine-war

    "GRU hackers managed to infect thousands of hardware devices through a
    threat actor known as Sandworm"

    "The Federal Bureau of Investigation wrested control of thousands of
    routers and firewall appliances away from Russian military hackers by
    hijacking the very same devices Moscow's spies had been using to set up
    a "botnet" – a network of hacked computers that can bombard other
    servers with rogue traffic."

    "'Fortunately, we were able to disrupt this botnet before it could be
    used,' U.S. Attorney General Merrick Garland said during a news conference."

    "The FBI conducted the court-authorized operation in March 2022,
    disrupting a two-tiered global botnet of thousands of infected network
    hardware devices under the control of a threat actor known as Sandworm,
    which the U.S. government previously attributed to the Main Intelligence
    Directorate of the General Staff of the Armed Forces of the Russian
    Federation (the GRU), the Justice Department announced in a statement."

    "The operation copied and removed malware from firewall devices that
    Sandworm used for command-and-control of the botnet. While the operation
    did not access the Sandworm malware on the underlying victim devices,
    the disabling of the command-and-control mechanism severed the bots from
    the Sandworm devices' control, disrupting the Russian military hacker
    operation."

    I hope the owners of these devices are at least NOTIFIED and maybe given
    instructions on how to completely remove the infection... (and prevent
    it from happening again)

    "The malware involved, Cyclops Blink, targets network devices
    manufactured by WatchGuard Technologies Inc. and ASUSTek Computer Inc."

    "WatchGuard and ASUS devices that acted as bots may remain vulnerable to
    Sandworm if device owners do not take the WatchGuard and ASUS
    recommended detection and remediation steps, DOJ warned."

    as I would expect



    --
    (aka 'Bombastic Bob' in case you wondered)

    'Feeling with my fingers, and thinking with my brain' - me

    'your story is so touching, but it sounds just like a lie'
    "Straighten up and fly right"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)