The FBI has announced that it has successfully taken down Cyclops Blink, a colossal botnet controlled by a group of Kremlin hackers.
The FBI has managed to dismantle ‘Cyclops Blink’, a Russian botnet of “gigantic dimensions”, before it could launch a violent attack against Western IT infrastructures. The authorship of the botnet is attributed to Sandworm, a particularly effective hacker group under the direct control of the Russian secret services.
A botnet is a network of computers, or intelligent devices connected to the internet, under the control of a malicious actor. Hackers typically ‘capture’ machines that are part of a botnet without their owners’ knowledge, infecting them with malware.
Often we are talking about hundreds of thousands of computers, although in the recent past it has become much more common to use infected printers, webcams, modems and other IoT devices. In short, tens of thousands (sometimes millions) of devices with extremely limited power, but which together can be used to launch a deadly DDoS attack against a target, disrupting the IT services of companies and institutions. Not surprisingly, speaking informally of these kinds of threats, botnets are often compared to legions of zombies.
The operation that led to the destruction of the Cyclops Blink botnet dates back to last March. The FBI was able to access the botnet's control server, which allowed the Bureau’s IT experts to ‘free’ the devices infected with malware, quickly undoing work that had taken Russian hackers several years.
The FBI has specified that the Russian malware is still installed on previously infected devices, but that hackers no longer have any control over them.
“This operation demonstrates the FBI’s commitment to combating cyberthreats through our unmatched authority and ability to coordinate with our allies,” said Bureau Executive Bryan Vorndran. “We will continue to fight cyberthreats that threaten national security and the lives of Americans.”
In a statement, the US government added that in the recent past, Russia has used tools similar to Cyclops Blink to launch violent attacks against Ukraine’s IT infrastructure. Previously, the US government had repeatedly warned that its intelligence services were expecting major cyber warfare actions against the US at any moment, in retaliation for the recent sanctions against the Russian economy approved by the White House.