FBI Seizes Domain To Thwart VPNFilter Attack On Ukraine

The US FBI has seized control of a web domain to thwart a potential cyber-attack on Ukraine ahead of the Champions League final on Saturday.

The malware behind the imminent cyber-attack, dubbed VPNFilter by researchers at Cisco’s Talos computer security unit, was being blamed on the Russian government.

This is because the malware shares code with malware previously used in cyber-attacks which the US government has attributed to Moscow.

FBI seizure

On Thursday Cisco warned that VPNFilter has infected at least half a million routers and storage devices in dozens of countries.

The malware is capable of monitoring internet traffic, to obtain sensitive details such as login credentials, as well as initiating destructive attacks on industrial networks.

The VPNFilter malware seemed to be targeting Ukraine with another cyber-attack. The country has suffered previous malware outbreaks, which in turn have spread worldwide, including the June 2017 “NotPetya” attack that UK and US officials said was the most destructive cyber-incident to date.

But now, according to the BBC, the FBI has seized a website that was helping to communicate with home routers infected with malware that would carry out the digital bombardment.

The FBI is now trying to clean up infected machines, after it was granted a court order earlier this week.

This court ruling ordered website registrar Verisign to hand over control of the ToKnowAll.com domain to the FBI.

It seems that infected routers and storage devices regularly contacted that domain in order to update the malware with which they were infected.

But by seizing control of the domain, the FBI is able to log the location of infected machines and co-ordinate efforts to clean them up.

Russian denial

The state-sponsored group known as Sofacy/Fancy Bear has been identified as both developing the malware and preparing the attack.

“This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes,” John Demers, assistant attorney general for National Security, is quoted as saying in a statement.

Russia has denied an allegation by Ukraine that it was planning a cyber-attack on the country. Russia has also this week denied the conclusion of an international investigation that a Russian military missile had shot down flight MH17 over eastern Ukraine in 2014, killing all 298 people aboard.

Cisco meanwhile has warned that the malware includes a “kill” switch, which could render devices unusable if it were used.

A reboot of infected devices is not enough.

To clear the infection, users have to restore the devices to their initial factory settings. Users are also being urged to update the firmware on their routers.

In March this year a leading American General slammed the ability of the United States to effectively combat Russia’s cyber threats.

Army General Curtis Scaparrotti, who is also NATO’s Supreme Allied Commander in Europe, told a US Senate Armed Services Committee hearing that the US government did not have an effective unified approach to deal with Russia’s cyber threat.


Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
