reported that Department of Justice Press Release ( that “A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit, used to conceal and otherwise enable a variety of crimes.”  The February 16, 2024 report in entitled “Feds remove Ubiquiti router botnet used by Russian intelligence” ( included these comments from said Deputy Attorney General Lisa Monaco:

For the second time in two months, we’ve disrupted state-sponsored hackers from launching cyber-attacks behind the cover of compromised U.S. routers,

The article also included these comments:

In the wake of the earlier Volt Typhoon botnet takedown, the Cybersecurity and Infrastructure Security Agency (CISA), prepared together with the FBI, published guidance on security design improvements for SOHO device manufacturers. The guidance urged manufacturers to build security into the design, development, and maintenance of SOHO routers to prevent threat groups from compromising them and using them as a launching pad to attack critical infrastructure.

I am sure no one is surprised by this news!

First published at