Advertisement:

Quark

Partners:

Quark
Polskie Stowarzyszenie Bitcoin

Neutralizing Botnet APT28 by the FBI: Intervention in Cyberspace

Intervention by the Department of Justice and FBI neutralized a botnet operated by Russian GRU Military Unit 26165. The malicious software network, using Moobot malware, targeted key institutions with spear-phishing attacks. Collaboration with national and international partners aims to combat cyber threats and restore normalcy for affected users through resetting router settings.

Pharmacy of the Department of Justice: FBI and GRU Military Unit 26165

The Department of Justice recently announced success in disrupting a botnet operated by the Russian military unit GRU Military Unit 26165, also known as APT28. The FBI’s actions led to the neutralization of a malicious software network that was used for a series of attacks on government institutions, military entities, and companies.

Detection and Neutralization of Malicious Software Network

The FBI revealed that a malicious software network consisting of hundreds of Ubiquiti Edge OS routers was used by APT28 to conduct spear-phishing attacks and gather authentication data against key institutions. The botnet utilized the harmful malware Moobot, known for targeting IoT devices and routers through vulnerability exploitation or brute-force attacks on weak default passwords.

Intervention by the Department of Justice and FBI

The Department of Justice obtained a court order to copy and remove stolen data and malicious software from infected routers. Subsequently, the devices were neutralized by changing firewall rules to block remote access to their management.

Collaboration with National and International Partners

The FBI emphasizes that it collaborates with both national and international partners in the fight against Russian services’ influence on American citizens and allies. These actions aim to ensure cybersecurity and safeguard key institutions from attacks.

Return to Normal for Users

Users affected by the FBI operation in conjunction with the Department of Justice have the opportunity to restore firewall settings by resetting routers to factory settings or changing default administrator passwords. These steps allow for the restoration of full device functionality.

Combatting Cybercrime

This operation is one of the latest efforts by American law enforcement agencies in combating cybercrime. In recent months, attacks have been directed at various groups and botnets, such as BlackCat ransomware, Volt Typhoon, and Turla’s Snake. These actions demonstrate a determination to combat cyber threats.

Related

Prosecutors want to seize 2.5 million dollars in cryptocurrency from the “pig butchering” fraud – Mysterious investigation and asset seizure
Prosecutors want to seize 2.5 million dollars in cryptocurrency from the “pig butchering” fraud – Mysterious investigation and asset seizure
Chinese accused of money laundering with cryptocurrencies: shocking operation details
Chinese accused of money laundering with cryptocurrencies: shocking operation details
Rampant Phishing Attacks in the Cryptocurrency World: Dramatic Consequences and Unveiled Culprits
Rampant Phishing Attacks in the Cryptocurrency World: Dramatic Consequences and Unveiled Culprits
Data security: traditional methods vs. blockchain – which method is more effective?
Data security: traditional methods vs. blockchain – which method is more effective?