Dark
Light

US crushes Russian botnet in victorious cyber battle

1 min read
53 views






Article Summary

TLDR:

– U.S. conducts cyberattack on Russian military botnet, disabling a network of routers used by GRU.

– FBI Director Christopher Wray announces Operation Dying Ember at Munich Security Conference.

Full Article:

The United States and its allies have successfully disrupted a Russian military botnet network operated by the GRU. In a court-authorized operation in January 2024, hundreds of small office/home office (SOHO) routers were neutralized, impeding the GRU’s cybercrimes targeted at government, military entities, and corporations.

FBI Director Christopher Wray highlighted the impact of Operation Dying Ember, which kicked the Russian GRU off routers and blocked access to the botnet used for cyber operations globally. This operation is part of the larger cyberwar strategy against sophisticated AI-generated cyberattacks on critical infrastructures. Cyber experts warn about the vulnerability of SOHO routers to botnet exploits and the interest of nation-state threat actors in infiltrating U.S. networks.

The botnet operated by the GRU was unique in its use of existing Moobot malware installed on routers with default passwords, repurposing them for cyber espionage. The Justice Department’s operation modified firewall rules on compromised routers to block remote management access and prevent GRU’s attempts to thwart the operation.

Attorney General Merrick B. Garland emphasized the Department’s efforts to disrupt Russian cyber campaigns, including disabling their schemes through court-authorized operations. This marks the third time since Russia’s invasion of Ukraine that key tools used by Russian intelligence services have been neutralized. If individuals suspect a compromised router, they are urged to visit the FBI’s Internet Crime Complaint Center.


Previous Story

AI: A Cyber Criminal’s Best Partner in Crime

Next Story

Week’s top ransomware: ALPHV/BlackCat bounty, Cisco exploit and more

Latest from News

US sanctions Kaspersky Lab for Russia ties

TLDR: The Biden administration announced sanctions against 12 executives and senior leaders of Kaspersky Lab, a Russia-based cybersecurity company. The Commerce Department banned Kaspersky