Skip to main content

Russia’s Sandworm Hackers Have Built a Botnet of Firewalls

posted onFebruary 28, 2022
by l33tdawg
Wired
Credit: Wired

Any appearance of a new tool used by Russia's  notorious, disruptive Sandworm hackers will raise the eyebrows of cybersecurity professionals braced for high-impact cyberattacks. When US and UK agencies warn of one such tool spotted in the wild just as Russia prepares a potential mass-scale invasion of Ukraine, it's enough to raise alarms.

On Wednesday, both the UK National Cybersecurity Center and the US's Cybersecurity and Infrastructure Security Agency released advisories warning that they—along with the FBI and NSA–have detected a new form of network device malware being used by Sandworm, a group tied to some of the most destructive cyberattacks in history and believed to be a part of Russia's GRU military intelligence agency.

The new malware, which the agencies call Cyclops Blink, has been found in firewall devices sold by networking hardware company Watchguard since at least June 2019. But the NCSC warns that “it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware," that it may have already infected other common network routers used in homes and businesses, and that the malware's “deployment also appears indiscriminate and widespread.”

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th