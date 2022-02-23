National Cyber Security Centre
|Printable version
New Sandworm malware Cyclops Blink replaces VPNFilter
Joint advisory published by the UK and US identifies a new malware known as Cyclops Blink that could be used to remotely access networks.
The UK and US have today published a joint advisory that identifies a new malware used by the actor Sandworm. Sandworm, also known as Voodoo Bear, has previously been attributed to Russia’s GRU.
The malware dubbed Cyclops Blink appears to be a replacement for the VPNFilter malware exposed in 2018, and its deployment could allow Sandworm to remotely access networks.
The advisory, published by the NCSC (UK) and CISA, FBI and NSA (USA), includes steps outlining how to identify a Cyclops Blink infection and points to mitigation advice to help organisations remove it.
The advisory also includes information on the associated tactics, techniques and procedures (TTPs) used by Sandworm.
The NCSC has also published a malware analysis report on Cyclops Blink which provides a more detailed view of the malware.
N.B This is a routine advisory and not directly linked to the situation in Ukraine.
Original article link: https://www.ncsc.gov.uk/news/new-sandworm-malware-cyclops-blink-replaces-vpnfilter
Latest News from
National Cyber Security Centre
Groundbreaking cyber advice will help construction firms build strong foundations against online threats23/02/2022 13:15:00
New guidance, issued by the NCSC and the Chartered Institute of Building, is designed to help small and medium-sized construction businesses.
NCSC CEO Lindy Cameron urges UK organisations to take action22/02/2022 09:15:00
An article in The Sunday Telegraph outlines guidance and information from the NCSC on actions to take when the cyber threat is heightened.
UK government assess Russian involvement in DDoS attacks on Ukraine21/02/2022 10:15:00
Russia was involved in cyber attacks against Ukraine's financial sector
Schoolgirls across the UK crowned winners at cyber competition finals10/02/2022 11:15:00
Thirteen teams around the country claimed victory at the finals of the new-look 2022 CyberFirst Girls Competition.
NCSC joins US and Australian partners to reveal latest ransomware trends09/02/2022 16:20:00
Joint advisory warns of an increase in sophisticated, high-impact ransomware incidents against organisations.
Joint advisory highlights increased globalised threat of ransomware09/02/2022 15:20:00
The NCSC and international partners observe an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations.
NCSC joins the seL4 Foundation03/02/2022 10:25:00
Supporting the long-term development of the seL4 microkernel ecosystem and next generation high-assurance devices.
Schoolgirls across the UK poised to battle for crown of cyber champions01/02/2022 10:15:00
The CyberFirst Girls Competition's finals will take place across the UK.