US and Allies Kick Russian Hackers Off Home Routers, FBI Says *Centurion Insurance AFS*

The US and its allies have disrupted access by a Russian-state sponsored hacking organization to “well over a thousand home and small business routers” used for criminal and intelligence purposes, FBI Director Christopher Wray said on Thursday.

Speaking at the Munich Security Conference, Wray said authorities managed to kick a hacking unit that is part of Russian intelligence, known as APT 28 or Fancy Bear, off the routers and “lock the door behind them.”

The Russian agency was “piggybacking” on a network of hacked internet-connected devices, known as a botnet, “to run cyber operations against countries around the world, including America and its allies in Europe.”

The court-authorized action sought to interdict spearphishing and similar credential-harvesting campaigns against targets of interest to Russian intelligence. That includes US and foreign governments and military, security and corporate organizations, the Department of Justice said in a statement.

The operation was different than past campaigns by Russian state-sponsored hacking organizations, in that it used malware — known as “Moobot” — associated with a criminal group, as opposed to building its own, the DOJ said.

“Cybercriminals installed the Moobot malware on Ubiquiti Edge OS routers that still used publicly known default administrator passwords,” according to the statement. The hackers then used the malware to install their own files and repurposed the botnet, “turning it into a global cyber espionage platform.”

Photo: Photographer: Andrey Rudakov/Bloomberg

Copyright 2024 Bloomberg.

Topics
Cyber
USA
Russia