Sign In

Communications of the ACM

ACM News

U.S. Disrupts Prolific Botnet Controlled by Russian Military

View as: Print Mobile App Share:
Moscow's Red Square.

Network device manufacturers WatchGuard and ASUSTek Computer released guidance on how to detect and remediate issues related to the malware. While thousands of compromised devices have been fixed, the U.S. Department of Justice said, “a majority of

Credit: The Record

U.S. Attorney General Merrick Garland announced Wednesday that U.S. officials have disrupted a global botnet of thousands of infected devices allegedly controlled by the Russian military. 

Garland said the court-authorized operation was directed at Sandworm—a cyber-unit of the GRU Russian military intelligence service—and Cyclops Blink, an advanced modular botnet linked to the group.

In a statement, the Justice Department said the operation "copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet."

"Although the operation did not involve access to the Sandworm malware on the thousands of underlying victim devices worldwide, referred to as 'bots,' the disabling of the C2 mechanism severed those bots from the Sandworm C2 devices' control," the Justice Department explained.

From The Record
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account