Russia’s most cutthroat hackers infect network devices with new botnet malware

said on Wednesday. The malware is able to abuse a legitimate firmware update mechanism found in infected devices in a way that gives it persistence, meaning the malware survives reboots.

Like VPNFilter, but stealthier

Cyclops Blink has been circulating for almost three years and replaces VPNFilter, the malware that in 2018 researchers found infecting about 500,000 home and small office routers. VPNFilter contained a veritable Swiss Army knife that allowed hackers to steal or manipulate traffic and to monitor some SCADA protocols used by industrial control systems. The US Department of Justice linked the hacks to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation, typically abbreviated as the GRU.
