Usage subject to Terms and Conditions

New Sandworm Malware Cyclops Blink Replaces VPNFilter

New Sandworm Malware Cyclops Blink Replaces VPNFilter

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/02/23/new-sandworm-malware-cyclops-blink-replaces-vpnfilter

Original release date: February 23, 2022

The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office routers and network-attached storage devices.

CISA encourages users and administrators to review joint CSA: New Sandworm Malware Cyclops Blink Replaces VPNFilter for additional technical details and mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/02/23/new-sandworm-malware-cyclops-blink-replaces-vpnfilter