A botnet made up of routers from the manufacturer Ubiquiti was taken over and shut down in an FBI operation. Russian secret services are said to be behind this.
Malware from the APT 28 group found its way onto numerous routers in offices and private households. According to the FBI, this botnet was used as a cyber espionage platform. The devices run Linux firmware. According to the US authorities, the MooBot malware was used. The target was the routers from the manufacturer Ubiquiti with the Edge OS operating system, which operate with standard passwords.
According to the FBI, the targets of the espionage activities were governments, military, security agencies and corporations in the USA and other NATO and EU countries.
To better protect yourself, the FBI advises all victims to take the following remediation steps: perform a hardware factory reset to clean the file system of malicious files; update to the latest firmware version; Change all default usernames and passwords and implement more strategic firewall rules to prevent unwanted exposure of remote management services. The FBI strongly advises router owners not to expose their devices to the Internet until they change the default passwords.
More at Justice.gov