At least half a million routers and storage devices in dozens of countries around the world have been infected by a sophisticated botnet, in preparation for an alleged planned cyber attack on Ukraine.
Read more in my article on the Tripwire State of Security blog.
The FBI has seized a key domain used to infect more than 500,000 home and small-office routers in a move that significantly frustrates a months-long attack that agents say was carried out by the Russian government, The Daily Beast reported late Wednesday.
The takedown stems from an investigation that started no later than last August and culminated in a court order issued Wednesday directing domain registrar Verisign to turn over control of ToKnowAll.com. An FBI affidavit obtained by The Daily Beast said the hacking group behind the attacks is known as Sofacy. The group—which is also known as Fancy Bear, Sednit, and Pawn Storm—is credited with a long list of attacks over the years, including the 2016 hack of the Democratic National Committee.
As Ars reported earlier Wednesday, Cisco researchers said the malware that infected more than 500,000 routers in 54 countries was developed by an advanced nation and implied Russia was responsible, but the researchers didn’t definitively name the country.
Read 6 remaining paragraphs | Comments