Russian hackers' Cyclops Blink botnet targets Asus routers around the world
We're closing in on one full month since Russia invaded Ukraine and the slow drip of related threats continues. The war is, after all, happening online as well, and the net cast by state-sponsored Russian hackers is getting wider every day. Whether it's attempting to break into systems to find classified data or worse, the cyberfront is active and there are plenty of targets. A recent report from cybersecurity software company Trend Micro about activity from the ominously-named Russian botnet Cyclops Blink is just the latest example.
Trend Micro says that Cyclops Blink, which it refers to as a "state-sponsored botnet," has been around since at least 2019 and is linked to a group CISA calls Sandworm or Voodoo Bear. According to CISA, the group has been linked to a 2015 attack against Ukraine's power grid as well as disruptions in the Republic of Georgia and at the 2018 Olympics. With Cyclops Blink, Voodoo Bear appears to be going after a number of Asus routers as well as devices from WatchGuard, which makes Firebox network security hardware. But the botnet, Trend Micro writes, isn't going after "critical organizations, or those that have an evident value [in] economic, political, or military espionage."