FBI seizes domain Russia allegedly used to infect 500,000 consumer routers

  News
image_pdfimage_print

Enlarge (credit: Wikipedia)

The FBI has seized a key domain used to infect more than 500,000 home and small-office routers in a move that significantly frustrates a months-long attack that agents say was carried out by the Russian government, The Daily Beast reported late Wednesday.

The takedown stems from an investigation that started no later than last August and culminated in a court order issued Wednesday directing domain registrar Verisign to turn over control of ToKnowAll.com. An FBI affidavit obtained by The Daily Beast said the hacking group behind the attacks is known as Sofacy. The group—which is also known as Fancy Bear, Sednit, and Pawn Storm—is credited with a long list of attacks over the years, including the 2016 hack of the Democratic National Committee.

As Ars reported earlier Wednesday, Cisco researchers said the malware that infected more than 500,000 routers in 54 countries was developed by an advanced nation and implied Russia was responsible, but the researchers didn’t definitively name the country.

Read 6 remaining paragraphs | Comments

https://arstechnica.com/?p=1313887