USA disrupts Russia-backed Cyclops Blink botnet

The US Department of Justice (DoJ) announced that it had taken down Cyclops Blink, a botnet controlled by a threat actor known as Sandworm (APT28), which has been linked to Russia’s military intelligence agency, GRU.

‘Thanks to our close work with international partners, we were able to detect the infection of thousands of network hardware devices. We were then able to disable the GRU’s control over those devices before the botnet could be weaponized.’ the announcement stated.

In a press conference, US Attorney General Merrick Garland has accused Russia of using similar infrastructure to conduct cyberattacks on Ukraine. However, he noted that ‘fortunately, we could disrupt this botnet before it could be used’.