United States Federal Bureau of Investigation (FBI) access dropped Russian hackers thousands of routers and firewall devices that can be used to create a botnet for cyber attacks. According to a statement released by the agency on Wednesday, the operation took place throughout March (6).
According to US authorities, compromised devices were accessed remotely by members of the group “sand worm”. Said to be the operator of several large-scale malicious campaigns, this organization is said to have links to Russia’s military intelligence service.
Access to devices occurred via malware Overhead winkingDesigned to hack devices made by Asus, according to the FBI and WatchGuard Technologies. With the malicious agent, the cybercriminals had the ability to access and extract data from the machines and control them at the same time.
Using hacked equipment, cybercriminals can create a network of infected computers to, among other things, carry out denial-of-service attacks (DDoS) leaves the servers unavailable. However, such action did not take place due to preventive actions by federal agents.
do the cleaning
Detecting the action of Cyclops Blink, FBI experts started the process of eliminating the cyber threat. Courtesy of American justice, researchers “invaded” infected devices to delete malware and reconfigure devices without users noticing.
“We remove malware from devices used by thousands of small businesses for network security worldwide,” said agency director Chris Wray. Reuters. He also said the work allowed him to “close the door to the Russians”, preventing large-scale attacks.
The number of affected devices was not disclosed, but WatchGuard, which assists the US Department of Justice in the case, said the number represented “less than 1%” of its products.
Source: Tec Mundo