US disrupts Russian Cyclops Blink botnet before being used in attacks
US government officials announced today the disruption of the Cyclops Blink botnet linked to the Russian-backed Sandworm hacking group before it was used in attacks.
The malware, used by Sandworm to create this botnet since at least June 2019, is targeting WatchGuard Firebox firewall appliances and multiple ASUS router models.
"We are announcing today [...] the disruption of a global botnet controlled by the Russian military intelligence agency, commonly known as the GRU," US Attorney General Merrick Garland said.
"The Russian government has recently used similar infrastructure to attack Ukrainian targets. Fortunately, we were able to disrupt this botnet before it could be used."
The FBI has also notified owners of compromised devices in the United States and abroad through foreign law enforcement partners before removing the Cyclops Blink malware.
US victims whose contact info was not found were contacted by their providers following notices issued by the FBI.
FBI Director Chris Wray said the botnet was disrupted following close cooperation with WatchGuard while analyzing the malware and developing detection tools and remediation techniques.