
American law enforcement agencies reported that they managed to disrupt the Cyclops Blink botnet, which they associate with the Russian hack group Sandworm. According to the authorities, the botnet was neutralized even before it was used in attacks.

Let me remind you that it was first discussed in February 2022, when law enforcement officers from the US and the UK published a joint report detailing the new malware. They reported that Cyclops Blink was used as early as June 2019, and primarily attacked WatchGuard Firebox firewalls, although it had the ability to attack other types of network equipment. It soon became known that the malware was also attacking routers.

Reports described Cyclops Blink as a “professional-designed” malware that uses a modular structure, allowing hackers to gain a foothold on devices and deploy second-stage payloads to infected devices. It was assumed that in this way hackers create an infrastructure for further attacks on targets important to them.

As the US Department of Justice now claims, last month “a two-tier global botnet infrastructure of thousands of infected network devices” was destroyed with the active assistance of WatchGuard developers.

Chris Wray

Law enforcement agencies claim to have destroyed malware on vulnerable WatchGuard devices that the group used to control its botnet. Although the operation did not “clean up” thousands of other infected devices around the world, the Department of Justice assured that after the C&C mechanism was disabled, these bots were no longer under the control of Sandworm.

Law enforcement officials say they were forced to intervene as the number of devices in the Cyclops Blink botnet decreased by only 39% after the February recommendations of the authorities to fix problems. In response, the authorities launched a covert operation to remove the malware, for which a federal warrant was obtained. As a result, FBI agents gained remote access to infected WatchGuard devices and fixed the problem themselves.

“I must warn that any Firebox devices that have previously acted as bots may still be vulnerable in the future until the issues are fixed by their owners. So, their owners in any case should take measures to detect and fix vulnerabilities as soon as possible,” adds the head of the FBI, Chris Wray.

WatchGuard engineers have already prepared instructions on how to clean compromised Firebox devices from infection, restore them and update Fireware OS to the latest versions.

Summing up, the Department of Justice reported that the operation led to the successful recovery of thousands of compromised devices, although most of the hacked devices still remained infected.

It’s worth noting that this isn’t the first time the FBI has remotely accessed infected devices to eliminate threats, and many security professionals fear that such actions could be harmful if they inadvertently disrupt a critical process. Privacy advocates have also denounced the government’s actions as they could have exposed private individuals’ information.

Let me remind you that we also reported that RedLine Stealer malware is the main source of credentials in two major marketplaces.

Helga Smith

I have always been interested in computer science, especially data security and the topic that is nowadays called "data science", since my early years. Before joining the virus removal team as editor-in-chief, I worked as a cybersecurity expert at several companies, including one of Amazon's contractors. Another experience: I have taught at Arden and Reading universities.
