{"id":59809,"date":"2022-04-08T12:13:03","date_gmt":"2022-04-08T09:13:03","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=59809"},"modified":"2025-09-04T23:58:54","modified_gmt":"2025-09-04T20:58:54","slug":"fbi-foiled-plan-to-create-russian-botnet-on-thousands-of-devices","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/fbi-foiled-plan-to-create-russian-botnet-on-thousands-of-devices\/","title":{"rendered":"FBI foiled plan to create Russian botnet on thousands of devices"},"content":{"rendered":"<p>U.S. FBI personnel repelled an attack by Russian hackers on thousands of routers and firewalls that were to be networked into a botnet to flood third-party servers with fraudulent traffic. Reuters <a href=\"https:\/\/www.reuters.com\/world\/us-fbi-says-it-foiled-cyberattack-by-russian-hackers-2022-04-06\/\">reports<\/a>.<\/p>\n<p>The botnet was controlled by malware known as Cyclops Blink. In late February, U.S. and U.K. cyberdefence agencies publicly attributed it to the Sandworm hacker group, believed to be linked to Russia&#8217;s military intelligence service.<\/p>\n<p>Cyclops Blink is designed to seize control of devices manufactured by WatchGuard Technologies Inc and ASUSTeK Computer Inc. It provides access to compromised systems, allowing remote exfiltration or deletion of data, and to configure devices to act against third parties.<\/p>\n<p>WatchGuard confirmed cooperation with the U.S. Department of Justice in dismantling the botnet, but did not disclose how many devices were affected, saying only that it represented \u201cless than 1% of WatchGuard devices.\u201d<\/p>\n<p>According to the FBI, thousands of enterprises worldwide were affected by the attack.<\/p>\n<p>U.S. authorities urged WatchGuard device owners to take steps \u201cto remove viruses and vulnerabilities,\u201d though patches had been applied to fewer than half of them.<\/p>\n<p>Separately, Microsoft <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2022\/04\/07\/cyberattacks-ukraine-strontium-russia\/\">thwarted attempts by hackers<\/a> linked to Russia&#8217;s GRU to breach servers in Ukraine.<\/p>\n<p>The cyberattack was directed at \u201cUkrainian organizations, including the media.\u201d The firm said the hackers sought to establish long-term access to the systems, provide tactical support for Russia\u2019s invasion of Ukraine, and seize confidential information.<\/p>\n<p>Recall that, in late March, media reported that hackers obtained <a href=\"https:\/\/forklog.com\/en\/news\/bloomberg-reports-hackers-obtained-user-data-from-apple-and-meta\">Apple and Meta user data<\/a>.<\/p>\n<p>Follow ForkLog&#8217;s Bitcoin news on our <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">Telegram<\/a> \u2014 cryptocurrency news, prices and analysis.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. FBI personnel repelled an attack by Russian hackers on thousands of routers and firewalls that were to be networked into a botnet to flood third-party servers with fraudulent traffic.<\/p>\n","protected":false},"author":1,"featured_media":59810,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1573,1154,1143,27,26],"class_list":["post-59809","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-botnet","tag-crimes","tag-intelligence-agencies","tag-russia","tag-usa"],"aioseo_notices":[],"amp_enabled":true,"views":"23","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59809","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=59809"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59809\/revisions"}],"predecessor-version":[{"id":59811,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59809\/revisions\/59811"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/59810"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=59809"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=59809"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=59809"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}