Tag Archives: Kremlin

ALERT! Reboot Your Router NOW! – ALERT!

The FBI has issued an urgent warning and request to everyone who owns a home router to reboot the device to thwart a Russian cyber attack. Cisco security researchers at the company’s cyber intelligence unit by the name of Talos warned of the attack by malware named VPNFilter.  According to Talos VPNFilter has infected an estimated 500,000 consumer routers in 54 countries. Routers targeted are Linksys, MikroTik, Netgear and TP-Link, and potentially others.

On Friday the FBI warned that anyone with a small office or home office router (SOHO) reboot their devices to stop the malware. Rebooting is simply turning the device off and then back on again.

According to the FBI the threat is  “significant.” The FBI warning stated that the malware, once it has infected the router, could stop the router from working, collect user information from any device connected to it and possibly block network traffic.

The Justice Department  has reported that the malware is connected to a Russian government backed cyber espionage group that’s been called Sofacy, APT 28 or Fancy Bear by researchers. 

The problem is that the FBI can’t determine how VPNFilter is getting on people’s systems. By rebooting the router owners can disrupt the malware and delete parts of it’s code. However, the router can be reinfected.

As part of the operation to shutdown the malware attack the FBI, armed with a court order, seized control of a key server in the Kremlin’s global botnet of hacked routers.

The seizure destroys VPNFilter’s ability to reactivate after a router reboots, according to Vikram Thakur, technical director at Symantec. “The payload itself is non-persistent and will not survive if the router is restarted,” said Thakur. “That payload will vanish.”

You can check the security of your router free by visiting  F-Secure.com Router Check.

See also: Oregon FBI Tech Tuesday: Building a Digital Defense Against the “VPNFILTER” Malware

 

 

Russians Fake and Manipulate Black Activism

#BlackLivesMatter and other groups have made themselves heard using social media. The Internet is an effective tool for Black voices to speak on issues important to our people.  But Black issues and causes have become caught up, subverted and even manipulated in the most  intense political storm this nation has even seen.

The Trump administration is being openly accused of collusion with Russia to manipulate the outcome of the recent the presidential election in Trump’s favor. Two of the Trump campaign’s closest advisors have already been indicted by the Bob Mueller investigation.

But, apparently the Russians did not stop at the presidential elections. According to recent news reports the “Blacktivist” website that was supposedly supporting African-American causes has been linked to the Russian government. The social media platform used both Facebook and Twitter  to instigate even more racial tensions in the U.S. during the recent presidential election.  The Twitter and Facebook account of “Blacktivist” has been handed over to Congress.

The “Blacktivist” Facebook account had 360,000 likes compared to only  301,000 likes for the verified #BlackLivesMatter account.

African-Americans following “Blacktivist,” were fed content that fueled the outrage over police encounters with Black motorists and police violence against African-Americans. The content used various techniques to stoke Black anger including video footage.

The manipulation of legitimate African-American anger also included promoting at least seven rallies and demonstrations in the U.S. in 2016.  These events included the 50th anniversary of the Black Panther Party and a protest march in Baltimore commemorating the death of Freddie Gray. Most events were legitimate protest rallies but the “Blacktivist” website worked to increase the turnout.

CNN reported one ad, and maybe more, were purchased by Russians during the 2016 presidential campaign. The ads referenced #BlackLivesMatter and targeted audiences in Ferguson, MO and Baltimore, MD. Both cities garnered worldwide attention for the large and violent protests after police shootings of Black men.

The “Blacktivist” Facebook account is included in over 470 Russian-linked accounts identified by Facebook and disclosed to Congress. The matching Twitter account, “@blacktivist,” was among another estimated 200 accounts Twitter identified with links to those found by Facebook.

But the Russian manipulation of African-American social and political issues went even further. According to Gizmodo.com a Russian news outlet, RBC, uncovered a scheme by the Kremlin to use Facebook to recruit Black activists in the U.S.

The scheme reportedly paid Black activist to organize #BlackLivesMatter rallies, self-defense classes and even produce content for Russian-owned sites denouncing police violence against Black citizens. The activist, contacted by Buzzfeed News, claim they were unaware they were being used and paid by the Russians.

Three Black activists were paid for activities that ended up on the BlackMatter US and Black Fist websites. Black activist Conrad James was contacted via a Facebook message from BlackMatters US last September. James was reportedly paid to organize two rallies in North Carolina. Omowale Adewale was also contacted this time through his Instagram account. Adewale, an MMA fighter, was recruited as a trainer for Black Fist. He was allegedly paid to teach self-defense classes to the black community. The Black Fist website touts the classes as organized  “By Black for Black.”

See also: These Americans Were Tricked Into Working For Russia. They Said They Had No Idea.