US government officials have disrupted a botnet believed to have been used by Russian state-sponsored threat actors to launch spearphishing and credential theft attacks. The botnet of hundreds of small office/home office (SOHO) Ubiquiti Edge OS routers were compromised through default admin passwords. The FBI recommends that owners and operators of compromised routers “perform a hardware factory reset to flush the file systems of malicious files; upgrade to the latest firmware version; change any default usernames and passwords; and implement strategic firewall rules to prevent the unwanted exposure of remote management services.” More https://cyberscoop.com/doj-fbi-disrupt-russian-intelligence-botnet/
