"This botnet was distinct from prior GRU and Russian Federal Security Service (FSB) malware networks disrupted by the Department in that the GRU did not create it from scratch. Instead, the GRU relied on the 'Moobot' malware, which is associated with a known criminal group," the Justice Department said.
"Additionally, in order to neutralize the GRU's access to the routers until victims can mitigate the compromise and reassert full control, the operation reversibly modified the routers' firewall rules to block remote management access to the devices, and during the course of the operation, enabled temporary collection of non-content routing information that would exp...
Cybercriminals not linked with the GRU (Russian Military Intelligence) first infiltrated Ubiquiti Edge OS routers and deployed the Moobot malware, targeting Internet-exposed devices with widely known default administrator passwords.
[
add
]
[
|
|
...
]