Russian Cyclops Blink botnet launches assault against Asus routers

The Cyclops Blink botnet is now targeting Asus routers in a new wave of cyberattacks. 

Cyclops Blink, a modular botnet, is suspected of being the creation of Sandworm/Voodoo Bear, a Russian advanced persistent threat (APT) group. 

ZDNet Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read More

Several weeks ago, the UK National Cyber Security Centre (NCSC) and the United States’ Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA and FBI, warned of the botnet’s existence.

According to the agencies, the APT is supported by the Russian General Staff Main Intelligence Directorate (GRU) and has been linked to the use of BlackEnergy malware against Ukraine’s electricity grid, Industroyer, NotPetya, and cyberattacks against Georgia. 

“Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO) routers and network-attached storage (NAS) devices,” the agencies warned

This week, cybersecurity researchers from Trend Micro said that while the malware is “state-sponsored”, it does not appear to be inactive use

Read More: