US Disrupts Russian Botnet Of 500,000 Hacked Routers
Anees Ahmed (@Aneesah05582539) Published May 24, 2018 | 11:01 AM
The US Justice Department said Wednesday that it had seized an internet domain that directed a dangerous botnet of a half-million infected home and office network routers, controlled by hackers believed tied to Russian intelligence.
Washington, (UrduPoint / Pakistan Point News - 24th May, 2018 ) :The US Justice Department said Wednesday that it had seized an internet domain that directed a dangerous botnet of a half-million infected home and office network routers, controlled by hackers believed tied to Russian intelligence.
The move was aimed at breaking up an operation deeply embedded in small and medium-sized computer networks that could allow the hackers to take control of computers as well as easily steal data.
The Justice Department said the "VPNFilter" botnet was set up by a hacking group variously called APT28, Pawn Storm, Sandworm, Fancy Bear and the Sofacy Group. The group is blamed for cyber attacks on numerous governments, key infrastructure industries like power grids, the Organization for Security and Co-operation in Europe, the World Anti-Doping Agency, and other bodies.
US intelligence agencies also say it was involved in the operation to hack and release damaging information on the Democratic Party during the 2016 US presidential election, and has engineered a number of computer network disruptions in Ukraine.
"According to cybersecurity researchers, the Sofacy Group is a cyber-espionage group believed to have originated from Russia," the Department of Justice said in a court filing. "Likely operating since 2007, the group is known to typically target government, military, security organizations, and other targets of intelligence value, through a variety of means," it said.
The Justice filing did not say who was behind Sofacy Group, but US intelligence has in the past linked it to Russia's GRU military intelligence agency, and numerous private computer security groups have made the same connection.
In Wednesday's action, the Justice Department said it had obtained a warrant authorizing the FBI to seize a computer domain that is part of the command and control system of the VPNFilter botnet.
The botnet targets home and office routers, through which it can relay orders from the botnet's controllers and intercept and reroute traffic back to them, virtually undetected by the users of a network.
In a report released in parallel to the Justice announcement, network equipment giant Cisco said VPNFilter had infected at least 500,000 devices in at least 54 countries. It has targeted popular router brands like Linksys, MikroTik, NETGEAR and TP-Link.
"The behavior of this malware on networking equipment is particularly concerning, as components of the VPNFilter malware allows for theft of website credentials," Cisco said. It also has "a destructive capacity that can render an infected device unusable, which can be triggered on individual victim machines or en masse." Both Justice and Cisco said they were releasing details of the problem before having found a strong, permanent fix.
Justice said that by seizing control of one of the domains involved in running VNPFilter, it will give owners of infected routers a chance to reboot them, forcing them to begin communicating with the now-neutralized command domain. The vulnerability will remain, Justice said, but the move will allow them more time to identify and intervene in other parts of the network.
Related Topics
Recent Stories
Punjab CM inaugurates Pakistan’s first Virtual Women Police Station
Dutch model Donny Roelvink embraces Islam
Experts raise concerns over introduction of 10-stick packs
Iranian president arrives in Karachi
Law Minister expresses Govt's resolve to address issue of missing persons
Rizwan’s batting order may be changed: Sources
Nawaz Sharif to visit Guangzhou exhibition in China
FM Dar not traveling to China: Foreign Office
PM takes notice of deliberate delay in tax cases
Iranian President visits Allama Iqbal’s mausoleum
Iranian President arrives in Lahore today
Currency Rate In Pakistan - Dollar, Euro, Pound, Riyal Rates On 23 April 2024
More Stories From Technology
-
Punjab CM inaugurates Pakistan’s first Virtual Women Police Station
2 hours ago -
Pro Tips: How to Capture Stunning Portraits with the Aura Light Portrait of vivo V30 5G
1 day ago -
Itel celebrates launch of S24—a new brand identity
2 days ago -
Realme C53 Price Slash: High-Tech Meets High Style at New Low Price!
3 days ago -
Take Charge, Live Free: Empower Your Life with Infinix NOTE 40 Series
5 days ago -
PTA Undertakes Consultation with All Pakistan Network Association (APNA) on Proposed Class Value Add ..
5 days ago
-
Vivo V30 5G: The Perfect Blend of Enhanced Photography and Premium Design
6 days ago -
PITB's Regional Plan 9 invites applications for its newly launched incubation centers in Rawalpindi, ..
7 days ago -
Pakistan calls for enhanced information integrity on digital platforms
8 days ago -
Infinix NOTE 40 Series vs. the Competition: Why It Stands Out
8 days ago -
"Unlock Exceptional Value: The New realme Note 50 with Extended Warranty Now Available in Pakistan!� ..
8 days ago -
Google unveils new AI chips, arm-based processor for data centers
14 days ago