Cyber Security Blitz: US Strikes Back, Smashes Russian Router Botnet


The US has taken down a Russian botnet of routers that were used to launch cyber attacks. The botnet consisted of hundreds of compromised routers that were controlled by Russia’s military cyber unit. The compromised devices were Ubiquiti Edge routers whose default administrator passwords had not been changed. The Justice Department obtained a court order to command the malware controlling the devices to delete stolen and malicious files and to disable remote management access. However, owners still need to change the default password on their routers to fully secure their devices.

In addition to neutralising the botnet, the US is offering up to $10m for information leading to the identification or location of the leaders of the AlphV/BlackCat ransomware operation, as well as rewards for information on ransomware attacks using this variant.

The IT security company ESET has issued patches for several of its server, business, and consumer security products for Windows. These patches include fixes for vulnerabilities in ESET File Security, ESET Security for SharePoint Server, Mail Security, NOD32 Antivirus, and Internet Security.

South Korean researchers have also unlocked the Rhysida ransomware, leading the country’s security agency to issue a recovery tool. However, the code is likely to be changed now that the weakness in the ransomware has been exposed. Meanwhile, the developer of the Kryptina ransomware-as-a-service operation has made the code freely available after failing to find customers for the product.

In the Middle East, Hamas-linked cyber groups had been particularly active in phishing attacks prior to October 7th, but have not been as active since then. Meanwhile, Iranian groups have been trying to use hack-and-leak cyber attacks to undercut support for the war in Israel.

The article concludes by warning that manufacturers need to be mindful of the security of their products, particularly if they are adding wireless connectivity. The example given is the Livall smart ski and bike helmets, which have had to fix a security flaw that allowed for real-time location tracking of helmet users due to the ease with which the group code in the app could be brute-forced.
