The FBI managed to prevent the actions of Russian hackers
The FBI succeeded in thwarting Russian hackers, gaining control of thousands of devices that had previously been seized by cybercriminals believed to be under the direction of Russian military intelligence.
The Federal Bureau of Investigation gained control of thousands of Internet routers and hardware firewalls previously hacked by Russian military hackers, using the same tools that the Moscow-based cybercriminals used to communicate with the devices, the U.S. Justice Department said Wednesday.
A statement released today describes the unusual operation as a pre-emptive measure to prevent Russian hackers from assembling the compromised devices into a “botnet,” a network of compromised computers that can be used by hackers to attack other servers with streams of Internet traffic.
“Fortunately, we were able to stop this botnet from forming before it was used,” US Attorney General Merrick Garland said.
The Russian embassy in Washington has not yet responded to a request for comment from the US Department of Justice.
The botnet assembled by the hackers was controlled using the Cyclops Blink malware, which US and British cyber defense agencies attributed in late February to “Sandworm”, presumably one of the hacker groups controlled by Russian military intelligence. This group has been repeatedly accused of committing other cyberattacks.
Cyclops Blink was designed to hack devices manufactured by computer companies WatchGuard Technologies Inc and ASUSTeK Computer Inc, according to private cybersecurity companies. The program allows Russian hackers to gain access to the systems they have hacked, giving them the ability to remotely remove or delete data, as well as use the devices to attack other networks.
WatchGuard released a statement confirming its cooperation with the Department of Justice to prevent the creation of a botnet, but did not disclose the number of devices affected by hackers, noting that this number is “less than 1% of all WatchGuard devices.”
ASUSTeK, also known as Asus, has not yet responded to a request for comment.
FBI Director Chris Wray told reporters that his agency, with court permission, secretly accessed thousands of routers and hardware firewalls in order to remove the malware and change the devices' configuration.
“We've removed the virus from devices used by thousands of mostly small businesses to support network security around the world,” Wray said. “We closed the door that the Russians used to infiltrate [other networks].”
A document released today notes that the US government has launched an awareness campaign to educate owners of WatchGuard devices about the steps they should take to prevent hacker attacks. It is also reported that so far fewer than half of the devices previously captured by hackers have been brought under control.