BR100 Decreased By (-1.39%)
BR30 Decreased By (-1.72%)
KSE100 Decreased By (-1.3%)
KSE30 Decreased By (-1.25%)
AGHA 7.92 Decreased By ▼ -0.17 (-2.1%)
BECO 5.20 Decreased By ▼ -0.07 (-1.33%)
BML 59.25 Decreased By ▼ -0.13 (-0.22%)
BOP 33.68 Decreased By ▼ -0.51 (-1.49%)
CNERGY 9.81 Increased By ▲ 0.19 (1.98%)
CSIL 5.42 Decreased By ▼ -0.08 (-1.45%)
FCCL 53.52 Decreased By ▼ -0.63 (-1.16%)
FFL 16.68 Decreased By ▼ -0.16 (-0.95%)
FNEL 1.21 Decreased By ▼ -0.02 (-1.63%)
KEL 7.35 Decreased By ▼ -0.24 (-3.16%)
KOSM 5.61 Decreased By ▼ -0.07 (-1.23%)
LOTCHEM 29.11 Decreased By ▼ -1.32 (-4.34%)
MLCF 95.50 Decreased By ▼ -2.66 (-2.71%)
NBP 204.35 Decreased By ▼ -4.44 (-2.13%)
NCPL 58.24 Decreased By ▼ -1.37 (-2.3%)
NPL 67.79 Decreased By ▼ -2.08 (-2.98%)
OGDC 317.94 Decreased By ▼ -5.42 (-1.68%)
PACE 10.71 Decreased By ▼ -0.36 (-3.25%)
PAEL 41.83 Decreased By ▼ -0.42 (-0.99%)
PIBTL 16.50 Decreased By ▼ -0.32 (-1.9%)
PPL 219.74 Decreased By ▼ -4.99 (-2.22%)
PRL 44.59 Increased By ▲ 2.94 (7.06%)
PTC 70.77 Decreased By ▼ -0.35 (-0.49%)
SSGC 28.93 Decreased By ▼ -0.38 (-1.3%)
TBL 9.84 Decreased By ▼ -0.12 (-1.2%)
TELE 8.76 Decreased By ▼ -0.23 (-2.56%)
TPL 16.45 Decreased By ▼ -0.07 (-0.42%)
TPLP 12.10 Decreased By ▼ -0.67 (-5.25%)
TREET 22.80 Decreased By ▼ -0.26 (-1.13%)
TRG 60.03 Decreased By ▼ -0.42 (-0.69%)
By

WASHINGTON: The U.S. Federal Bureau of Investigation has wrested control of thousands of routers and firewall appliances away from Russian military hackers by hijacking the same infrastructure Moscow’s spies were using to communicate with the devices, U.S. officials said on Wednesday.

An unsealed redacted affidavit described the unusual operation as a pre-emptive move to stop Russian hackers from mobilizing the compromised devices into a “botnet” - a network of hacked computers that can bombard other servers with rogue traffic.

"Fortunately, we were able to disrupt this botnet before it could be used,” U.S. Attorney General Merrick Garland said.

The targeted botnet was controlled through malware called Cyclops Blink, which U.S. and UK cyberdefense agencies had publicly attributed in late February to “Sandworm,” allegedly one of the Russian military intelligence service’s hacking teams that has repeatedly been accused of carrying out cyberattacks.

Cyclops Blink was designed to hijack devices made by WatchGuard Technologies Inc and ASUSTeK Computer Inc, according to research by private cybersecurity firms.

Russia rejects claims it was responsible for cyberattack on Ukraine

It provides Russian services with access to those compromised systems, offering the ability to remotely exfiltrate or delete data or turn the devices against a third party.

FBI Director Chris Wray told reporters the FBI, with court approval, secretly reached into thousands of routers and firewall appliances to delete the malware and reconfigure the devices.

"We removed malware from devices used by thousands of mostly small businesses for network security all over the world," Wray said. "We shut the door the Russians had used to get into them."

The affidavit noted that U.S. officials launched an awareness campaign “to inform owners of WatchGuard devices of the steps they should take to remediate infections or vulnerabilities” and yet less than half the devices had been fixed to expel the hackers.

The affidavit noted that the FBI had carried out its work in cooperation with WatchGuard.

The announcement came amid a flurry of new sanctions announced against Russian banks and elites, days after grim images emerged of the bodies of civilians shot at close range in the town of Bucha.

Russia says its "special military operation" is aimed at demilitarizing and "denazifying" Ukraine, and it has denied targeting civilians.

Comments

Comments are closed for this article.