U.S. Disrupts Major Russian Cyber Espionage Network

Operation Dying Ember neutralizes GRU-controlled botnet targeting over 1,000 routers in homes and businesses.

The U.S. Justice Department, in coordination with international partners, disrupted a Russian GRU-controlled hacking network that infiltrated over 1,000 home and small business routers in the U.S. and abroad.
The operation, dubbed 'Operation Dying Ember,' involved the FBI secretly copying and deleting stolen data and malware from the compromised routers.
The malware, known as 'Moobot,' was installed on Ubiquiti Edge OS routers using default administrator passwords, allowing the GRU to turn the network into a global cyber espionage platform.
Affected users are advised to perform a factory reset, update firmware, and change default passwords to secure their routers against future attacks.
The disruption is part of broader efforts to counter Russia's cyber campaigns against the U.S. and its allies, including Ukraine.