The F.B.I., working with other countries, disrupted a Russian hacking operation that infiltrated more than 1,000 home and small-business internet routers in the United States and around the world, the Justice Department announced on Thursday.

Russian intelligence, collaborating with cybercriminals, created a botnet, or a network of private computers infected with malicious software, to spy on military and security organizations and private corporations in countries like the United States.

Using a court order, the F.B.I. secretly copied and deleted stolen data and malware from hacked routers. Doing this stopped Russia’s ability to use the routers without affecting how they function, officials said.

The F.B.I. director, Christopher A. Wray, shared details of the operation at an annual security conference in Munich.

Archive

  • mox@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    24
    ·
    9 months ago

    The lack of detail in this article makes it rather useless. However, the original press release answers the obvious questions:

    It was Ubiquiti (UBNT) routers running EdgeOS, with admin passwords that had not been changed from the default, and the admin interface exposed on internet-facing port(s) at some time in the past.

    • BedSharkPal@lemmy.ca
      link
      fedilink
      English
      arrow-up
      15
      ·
      9 months ago

      It’s 2024 and the practice of uniform default admin accounts is still alive and well?

      • tryitout@infosec.pub
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        You’re right that default credentials should have gone away a decade ago. From my experience with security cameras, default credentials were the norm ~5 years ago and now most prompt you to create a unique password. That industry typically lags slightly in infosec best practices. I would expect routers to require a higher level of security.

      • ryannathans@aussie.zone
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        No longer the case with ubiquiti products, you’ll see these are old deprecated devices, on old firmware