Russia’s most cutthroat hackers infect network devices with new botnet malware

by Dan Goodin, from Ars Technica
Hackers for one of Russia's most elite and brazen spy agencies have infected home and small-office network devices around the world with a previously unseen malware that turns them into attack platforms that can steal confidential data and target other networks.

Cyclops Blink, as the advanced malware has been dubbed, has infected about 1 percent of network firewall devices made by network device manufacturer WatchGuard, the company said on Wednesday. The malware is able to abuse a legitimate firmware update mechanism found in infected devices in a way that gives it persistence, meaning it survives reboots.

Like VPNFilter, but stealthier

Cyclops Blink has been circulating for almost three years and replaces VPNFilter, the malware that in 2018 researchers found infecting about 500,000 home and small-office routers. VPNFilter contained a veritable Swiss Army knife that allowed hackers to steal or manipulate traffic and to monitor some SCADA protocols used by industrial control systems. The US Department of Justice linked the hacks to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation, typically abbreviated as the GRU.
