Operation called “Dying Ember” Authorized by court order, FBI, National Security Agency and other agencies involved have been notified 24 Channels.

Details of the operation

The experts’ actions targeted a botnet of small/home office routers infected with the “Moobot” malware associated with a well-known hacking group. They were the people Russian intelligence used to gain access to the botnet.

Russian hackers used this virus to upload their own scripts and files that repurposed the botnet, turning it into a botnet.A global platform for cyber espionage.

• The botnet was used for the needs of Russian intelligence by conducting espionage and data collection campaigns against objects of interest to the intelligence of the Russian government (the government of the United States and other countries, as well as military, security and corporate organizations). .
• The network is also used to hide and commit other crimes, such as ransomware attacks and cryptocurrency mining.

The US Department of Justice said they were able to copy and delete stolen data and files obtained using the hacked routers, and the malicious files were removed from the devices. Additionally, the routers’ firewall rules were changed to prevent access to remote device management. The agency also collected data that helped expose Russian intelligence.

The Justice Department said this is the third time since Russia’s invasion of Ukraine that it has deprived Russian intelligence services of a key tool used to pursue the Kremlin’s acts of aggression and other malicious activities.