Security News > 2024 > February > FBI disrupts Moobot botnet used by Russian military hackers
The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies.
Subsequently, the GRU hackers leveraged the Moobot malware to deploy their own custom malicious tools, effectively repurposing the botnet into a cyber espionage tool with global reach.
During a court-authorized operation, FBI agents remotely accessed the compromised routers and used the Moobot malware itself to delete stolen and malicious data and files.
Moobot is the second botnet used by state-sponsored hackers to evade detection disrupted by the FBI in 2024 after the takedown of the KV-botnet used by Chinese Volt Typhoon state hackers in January.
Russian military hackers target Ukraine with new MASEPIE malware.
FBI disrupts Chinese botnet by wiping malware from infected routers.
News URL
Related news
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian Turla hackers hit Starlink-connected devices in Ukraine (source)
- Russian cyber spies hide behind other hackers to target Ukraine (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- FBI links North Korean hackers to $308 million crypto heist (source)