US Authorities Take Control of Cyber-Espionage Campaign Attributed to Russia
Ami Rojkes Dombe
| 27/05/2018
blog.talosintelligence.com
The FBI has obtained court orders and has taken control of the command and control servers of a massive botnet of over 500,000 devices, known as the VPNFilter botnet. According to Bleeping Computer, the existence of this massive threat was made public after Cisco Talos published a report about VPNFilter infecting over 500,000 routers and NAS devices across the world.
Cisco said the botnet appeared to be preparing for an attack on Ukraine, as the botnet's operators were working hard to infect as many devices as possible within the country. The Ukrainian Secret Service believed the attack was supposed to take place yesterday (Saturday) when the UEFA Champions League soccer final was held in Kiev.
The US Department of Justice attributed the campaign to a Russian cyber-espionage group known as the “Sofacy Group” (also known as “apt28,” “sandworm,” “x-agent,” “pawn storm,” “fancy bear,” and “sednit”). It is not clear whether Israeli routers have been infected as well.
blog.talosintelligence.com
The FBI has obtained court orders and has taken control of the command and control servers of a massive botnet of over 500,000 devices, known as the VPNFilter botnet. According to Bleeping Computer, the existence of this massive threat was made public after Cisco Talos published a report about VPNFilter infecting over 500,000 routers and NAS devices across the world.
Cisco said the botnet appeared to be preparing for an attack on Ukraine, as the botnet's operators were working hard to infect as many devices as possible within the country. The Ukrainian Secret Service believed the attack was supposed to take place yesterday (Saturday) when the UEFA Champions League soccer final was held in Kiev.
The US Department of Justice attributed the campaign to a Russian cyber-espionage group known as the “Sofacy Group” (also known as “apt28,” “sandworm,” “x-agent,” “pawn storm,” “fancy bear,” and “sednit”). It is not clear whether Israeli routers have been infected as well.
