The US is trying to keep mass amounts of routers infected by Russian malware under control
The attack could be a part of a bigger plan to attack Ukraine.
The U.S. government is seeking to wrest control of hundreds of thousands of routers and storage devices infected by Russian malware. The move comes as researchers have concluded the hackers behind the virus are getting ready to use the “botnet” to attack Ukraine, according to Reuters.
This week, a federal judge in Pennsylvania gave the FBI permission to seize an internet domain that authorities believe was being controlled by a Russian hacker group called Sofacy to take over the infected devices.
The order allows the U.S. agency to direct the devices to communicate with an FBI-controlled server. That server will allow authorities to remove malware from the infected equipment.
According to Assistant Attorney General for National Security John Demers:
“This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities.”
Earlier this week, Cisco Systems released a report on the hacking campaign that it said targeted devices from Linksys, MikroTik, Netgear, TP-Link, and QNAP. Soon after, the U.S. government moved to get the order approved.
Reuters notes that Cisco said the largest number of infections from the VPNFilter malware were in Ukraine, which led it to believe Russia was planning an attack on that country.
Russia denies having anything to do with computer hacking operations across the world, including interfering in the 2016 U.S. presidential election.
Instances of malware and security issues continue to be in the news. One week ago, it was reported that Chili’s was hit by an attack. Previously, we told you about an attack at Slingshot.