Security News > 2024 > February > FBI disrupts Moobot botnet used by Russian military hackers
The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies.
Subsequently, the GRU hackers leveraged the Moobot malware to deploy their own custom malicious tools, effectively repurposing the botnet into a cyber espionage tool with global reach.
During a court-authorized operation, FBI agents remotely accessed the compromised routers and used the Moobot malware itself to delete stolen and malicious data and files.
Moobot is the second botnet used by state-sponsored hackers to evade detection disrupted by the FBI in 2024 after the takedown of the KV-botnet used by Chinese Volt Typhoon state hackers in January.
Russian military hackers target Ukraine with new MASEPIE malware.
FBI disrupts Chinese botnet by wiping malware from infected routers.
News URL
Related news
- Russian hackers attack Western military mission using malicious drive (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices (source)
- FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches (source)
- France ties Russian APT28 hackers to 12 cyberattacks on French orgs (source)
- Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet (source)
- Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware (source)