U.S. Disrupts Major Russian Cyber Espionage Network
Operation Dying Ember neutralizes GRU-controlled botnet targeting over 1,000 routers in homes and businesses.
- The U.S. Justice Department, in coordination with international partners, disrupted a Russian GRU-controlled hacking network that infiltrated over 1,000 home and small business routers in the U.S. and abroad.
- The operation, dubbed 'Operation Dying Ember,' involved the FBI secretly copying and deleting stolen data and malware from the compromised routers.
- The malware, known as 'Moobot,' was installed on Ubiquiti Edge OS routers using default administrator passwords, allowing the GRU to turn the network into a global cyber espionage platform.
- Affected users are advised to perform a factory reset, update firmware, and change default passwords to secure their routers against future attacks.
- The disruption is part of broader efforts to counter Russia's cyber campaigns against the U.S. and its allies, including Ukraine.