From the Russia yet another cyber threat arrives: Russian malware Cyclops Blinkwhich targets routers Asus. This botnet appears to be the work of the group of cyber criminals called Sandworm O Voodoo Bear.
Cyclops Blink, the Russian malware that attacks Asus routers
Trend Micro reports a new cyber threat, which defines a “botnet state-sponsored“, Thus created for strategic purposes by hackers close to the Kremlin. In fact, the malware would be circulating in different forms as early as 2019, link to the group that CISA chiama Sandworm o Voodoo Bear.
The group would already be active since 2015, when it would have launched an attack against the power grid of Ukraine. It also allegedly created infrastructure problems in Georgia and the 2018 Olympics.
Cyclops Blink malware according to experts particularly attacks router Asus. But not only that: also the devices of WatchGuardwhich builds i Firebox for network security. However, it does not appear to be directly attacking strategic infrastructure in Ukraine.
But Trend Micro thinks “it is possible that Cyclops Blink has as its main goal building an infrastructure for future attacks on high-profile targets.” So the botnet would enter routers to gather information for use in future attacks.
Asus is aware of the risk and has indicated that it is taking measures to remedy the problem. In addition, he communicated a series of security checklists to check to harden their devices and networks. But Trend Micro explains that malware could be as treacherous as not even a factory reset would be able to resolve the situation.