When activated the Cyclops Blink botnets could have overwhelmed any system it connected. In a DDoS attack, the computer is hit with a massive spam campaign which opens the door to compromise of sensitive information.
The Justice Department and the FBI obtained warrants which allowed them to find and remotely remove the malware from infected devices.
After the feds removed the malware on compromised devices, they closed the external management ports Sandworm was using for access.
“This court-authorized removal of malware deployed by the Russian GRU demonstrates the department’s commitment to disrupt nation-state hacking using all of the legal tools at our disposal,” said Assistant Attorney General Matthew Olsen.
Justice officials worked with cybersecurity specialists in the FBI and government agencies in the United Kingdom. They also worked with Watchguard to eliminate the malware threat and mitigate the possibilities in the future.
“This operation is an example of the FBI’s commitment to combating cyber threats through our unique authorities, capabilities, and coordination with our partners,” said Bryan Vorndran, the assistant director of the FBI’s Cyber Division.
