Security News > 2024 > February > FBI disrupts Moobot botnet used by Russian military hackers
The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies.
Subsequently, the GRU hackers leveraged the Moobot malware to deploy their own custom malicious tools, effectively repurposing the botnet into a cyber espionage tool with global reach.
During a court-authorized operation, FBI agents remotely accessed the compromised routers and used the Moobot malware itself to delete stolen and malicious data and files.
Moobot is the second botnet used by state-sponsored hackers to evade detection disrupted by the FBI in 2024 after the takedown of the KV-botnet used by Chinese Volt Typhoon state hackers in January.
Russian military hackers target Ukraine with new MASEPIE malware.
FBI disrupts Chinese botnet by wiping malware from infected routers.
News URL
Related news
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- 100+ domains seized to stymie Russian Star Blizzard hackers (source)
- Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Russian Espionage Group Targets Ukrainian Military with Malware via Telegram (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)