Vogon Today

What are Russian hackers up to in the Netherlands?

The Dutch military intelligence and security service believes that some hacker attacks in the country were carried out by a unit of the GRU, Russia's military intelligence service. All the details in the article by Giuseppe Gagliano

The Dutch newspaper Volkskrant reported that the Dutch Military Intelligence and Security Service (MIVD) intervened in response to the abuse of SOHO-grade network devices in the Netherlands. The attacks are believed to have been perpetrated by unit 74455 of the Chief Intelligence Directorate of the Russian Armed Forces General Staff (GRU). The unit, also known as Sandworm or BlackEnergy, is linked to numerous cases of influence and sabotage operations around the world.

WHAT HAPPENED

The devices had reportedly been compromised and were part of a large-scale botnet made up of thousands of devices around the world, which the GRU used to carry out digital attacks. MIVD traced the affected devices to the Netherlands and informed their owners, MIVD chief Jan Swillens told Volkskrant.

CYCLOPS BLINK

The MIVD's discovery came after US and British intelligence warned in late February that Russian agents were using a previously undisclosed type of malware dubbed Cyclops Blink. According to the authorities, the botnet in which the compromised devices were embedded has been active since at least June 2019.

The malware is persistent: it can survive device reboots and firmware updates. The UK's National Cyber Security Centre describes Cyclops Blink as "highly sophisticated malware".

INFECTED DEVICES

Some affected device owners in the Netherlands have been asked by the MIVD to (voluntarily) hand over the infected devices. They were advised to replace the router and in some cases received a "coupon" for a replacement router, according to the Volkskrant.

The precise number of compromised devices in the Netherlands is unclear, but is reportedly on the order of dozens. Swillens said the public disclosure aims to raise public awareness. “The threat is sometimes closer than you think. We want to make citizens aware of this. The consumer devices and SOHOs, used by the supermarket around the corner, so to speak, are exploited by foreign state actors,” he added.


This is a machine translation from Italian of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/cosa-combinano-gli-hacker-russi-in-olanda/ on Wed, 09 Mar 2022 13:49:23 +0000.