FBI Operation Aims To Take Down Massive Russian GRU Botnet (techcrunch.com) 12
The Federal Bureau of Investigation has disclosed it carried out an operation in March to mass-remove malware from thousands of compromised routers that formed a massive botnet controlled by Russian intelligence. From a report: The operation was authorized by courts in California and Pennsylvania, allowing the FBI to copy and remove the so-called Cyclops Blink malware from infected Asus and WatchGuard routers across the U.S., severing the devices from the servers that remotely control and send instructions to the wider botnet. The Justice Department announced the March operation on Wednesday, describing it as "successful," but warned that device owners should still take immediate action to prevent reinfection.
The Justice Department said that since the news first emerged about the rising threat of Cyclops Blink in February, thousands of compromised devices have been secured, but justified the court-ordered operation because the "majority" of infected devices were still compromised just weeks later in mid-March. Cyclops Blink is believed to be the successor to VPNFilter, a botnet largely neglected after it was exposed by security researchers in 2018 and later targeted by a U.S. government operation to disrupt its command and control servers. Both Cyclops Blink and VPNFilter are attributed to Sandworm, a group of hackers working for Russia's GRU, the country's military intelligence unit.
And the "EVIL CHINA(tm)"? (Score:2)
Next up (Score:2)
Twitter's trumpanzes will start complaining about the sudden drop in likes.
Re: (Score:3)
Normally, on average, videos that I post on Instagram, get somewhere between 250 and 300,000 views, tens of thousands of likes. The video that I posted last night, or early this morning got about 10 percent of that, around 15,000 views and a couple of 1,000 likes.
She blamed Instagram.
The real question is.. (Score:3)
If the thing was found in February, why is the majority of devices still infected?
Can the manufacturer not send info to all registered users of the devices with the known security bug?
Can the ISPs not detect the problem and send letters to the users?
and so on..
I know most home routers are kind of questionable in design, but should we not demand more in terms of response to known threats that are actually exploited on a large scale?
Re: (Score:3)
If the thing was found in February, why is the majority of devices still infected?
Can the manufacturer not send info to all registered users of the devices with the known security bug?
Can the ISPs not detect the problem and send letters to the users?
In my travels of late, most home users have an ISP-provided router. Aftermarket routers still exist to some extent, but well over half of the households I find myself in stick to the ISP-provided unit. Said routers don't typically let users upgrade their firmware and the vendors who have those sweet ISP contracts don't typically provide firmware updates to end users, even if they wanted to. Regardless of that reality, if the routers are infected, it's particularly difficult for users to be impacted. As long
Re: (Score:3)
1. Lots of device manufacturers stop caring once they are paid for the device.
2. Even if device manufacturers don't suck, lots of device users never bother to even look for software updates unless it's in your face via a notification, much less actually apply them regularly.
This has been a problem for years, and will continue being a problem for years more, because Johnny P. Wallet isn't a network administrator, and doesn't give two fucks that his router has updated software on it, as long as it's still rou
Sounds Despicable... (Score:2)
What about the Minions?
Re: (Score:2)
"You have been eaten by a GRU!"
In Soviet Russia... (Score:2)