Targeting of Asus routers
Date of report
  • March 2022
Sandworm targeted WatchGuard and ASUS routers with Cyclops Blink malware, an advanced modular botnet. The malware gives Sandworm access to data and files stored on compromised networks. The malware affects devices that do not belong to critical organizations, suggesting that its purpose may be to build infrastructure for later attacks on high-value targets. 
Suspected victims
  • Asus Routers in countries including the United States, Canada, India, Italy, and Russia
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Yes
Policy response