FBI Warns Of Russian Malware: Reboot Botnet Devices

The Hill reports:

The FBI on Friday issued a formal warning that a sophisticated Russia-linked hacking campaign is compromising hundreds of thousands of home network devices worldwide and it is advising owners to reboot these devices in an attempt to disrupt the malicious software.

The law enforcement agency said foreign cyber actors are targeting routers in small or home offices with a botnet — or a network of infected devices — known as “VPNFilter.” Cybersecurity experts and official say VPNFilter has infected an estimated 500,000 devices worldwide.

“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” the bureau’s cyber division wrote in a public alert.

The Daily Beast reported yesterday:

FBI agents armed with a court order have seized control of a key server in the Kremlin’s global botnet of 500,000 hacked routers, The Daily Beast has learned. The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow’s ability to reinfect its targets.

The FBI counter-operation goes after “VPN Filter,” a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election.

On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.