New variant of Cyclops Blink botnet targeting ASUS routers2022-03-21 19:38 by Daniela
Tags: Cyclops Blink, ASUS, router, Botnet
Notorious Russian state-sponsored hackers are attacking Asus home Wi-Fi routers, Japanese antivirus firm Trend Micro said.
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks.
Cyclops Blink is a Kremlin-linked malware that has existed since 2019. It is tied to the elite Sandworm hacking group. According to UK's National Cyber Security Centre (NCSC), it initially targeted WatchGuard Firebox devices. Sandworm was linked to other well-known cyber-attacks, like the NotPetya ransomware, which has caused billions of dollars worth of damage globally since June 2017, and the BlackEnergy malware behind the Ukrainian blackouts of 2015-16.
Asus was made aware of the attacks and said in a March 17 statement on its Product Security Advisory page that the company is also looking into Cyclops Blink and taking remediation measures. It provided a security checklist router owners can follow to harden their defenses - as well as a list of all the affected units. Cyclops Blink is so insidious that Trend Micro advises anyone suspecting an infection to basically just get new routers - even a factory reset won't fix it.
Read more -here-