The Federal Bureau of Investigation has taken control of thousands of routers and firewall appliances from Russian military hackers, hijacking devices that Moscow's spies used to set up a “botnet,” a network of hacked computers linking to other servers.

“Fortunately, we were able to disrupt the botnet before it was used,” US Attorney General Merrick Garland told a news conference.

The FBI conducted a court-sanctioned operation in March 2022 that disrupted a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known as Sandworm, which the U.S. government has previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU), the Justice Department announced in a statement.

The operation copied and removed malware from the firewall devices that Sandworm used for command-and-control of its botnet. Although the operation did not access the Sandworm malware on the underlying victim devices, disabling the command-and-control mechanism detached the bots from the control of the Sandworm command-and-control devices, disrupting the Russian military hackers' operation.

“Through close cooperation with WatchGuard [Technologies Inc.] and our law enforcement partners, we have identified, intercepted and uncovered another example of the hacking of innocent victims of the Russian GRU in the United States and around the world,” said Cindy K. Chung, U.S. Attorney for the Western District of Pennsylvania, in a statement.

“Such actions are not only criminal but also a threat to the national security of the United States and its allies,” Chung added. “My office is committed to working with our partners in the National Security Agency, the FBI, foreign law enforcement agencies, and the private sector to protect and maintain our country’s cyber security.”

“The FBI prides itself on working closely with our law enforcement and private sector partners who expose and attack criminals hiding behind their computers that threaten Americans’ safety, security and confidence in our digitally connected world,” Special Agent in Charge Mike Nordwall of the FBI’s Pittsburgh Field Office said in a statement. “The FBI is committed to fighting and thwarting Russia’s efforts to infiltrate the United States and its allies.”

The malware involved, Cyclops Blink, targets network devices manufactured by WatchGuard Technologies Inc. and ASUSTek Computer Inc.

Although the FBI operation succeeded in copying and removing the malware from all other identified command-and-control devices and in preventing Sandworm from accessing these devices, the WatchGuard and ASUS devices that acted as bots may remain at risk from Sandworm if their owners do not take the identification and remedial action recommended by WatchGuard and ASUS, the DOJ warned. The department called on network defenders and device owners to review the February 23 advisory and the guidelines published by WatchGuard and ASUS.

The operation comes about a month before Russia’s invasion of Ukraine.

