Front Page Detectives

Under Attack: Russian Hackers Have Infiltrated U.S. Household and Small Business Routers, FBI Warns

FBI Disrupts Russian Hacking Campaign That Breached U.S.
Source: MEGA

The FBI recently disrupted an ambitious Russian cyberattack campaign that breached hundreds of routers from home offices and small businesses.

Feb. 21 2024, Published 9:39 a.m. ET


The FBI has recently thwarted a large-scale cyberattack orchestrated by Russian operatives, targeting hundreds of routers in home offices and small businesses, including those in the United States.

These compromised routers were used to form "botnets," which were then employed in cyber operations worldwide.


The United States Department of Justice has attributed this cyberattack to the Russian GRU Military Unit 26165. Countermeasures undertaken by authorities ensured that the GRU operators were expelled from the routers and denied further access, ABC News reported.

The GRU deployed a specialized malware called "Moobot," associated with a known criminal group, to seize control of susceptible home and small office routers, converting them into a "botnet," a network of remotely controlled systems.

The Justice Department, in an official statement, explained, "Non-GRU cybercriminals installed the Moobot malware on Ubiquiti Edge OS routers that still used publicly known default administrator passwords. GRU hackers then used the Moobot malware to install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform."

Utilizing this botnet, Russian hackers engaged in various illicit activities, including extensive “spearphishing” campaigns and credential harvesting campaigns against targets of intelligence interest to the Russian government, such as governmental, military, security and corporate entities in the United States and abroad.


Botnets pose a significant challenge for intelligence agencies, hindering their ability to detect foreign intrusions into their computer networks, Reuters notes.

In January 2024, the FBI executed a court-approved operation dubbed "Operation Dying Ember" to disrupt the hacking campaign. According to the Department of Justice, the FBI employed malware to copy and erase the malicious data from the routers, restoring full access to the owners while preventing further unauthorized access by GRU hackers.


Attorney General Merrick Garland emphasized the Justice Department's commitment to thwarting Russian cyber campaigns, stating that the department is “accelerating our efforts to disrupt the Russian government’s cyber campaigns against the United States and our allies.”

FBI Director Christopher Wray cautioned that despite these interventions, the GRU and other threat actors will persist in their cyberattack endeavors. He assured ongoing efforts by the FBI to dismantle additional botnet clusters and neutralize cyber threats.

