Sandworm targeted WatchGuard and ASUS routers with Cyclops Blink malware, an advanced modular botnet. The malware gives Sandworm access to data and files stored on compromised networks. The malware affects devices that do not belong to critical organizations, suggesting that its purpose may be to build infrastructure for later attacks on high-value targets.
- Asus Routers in countries including the United States, Canada, India, Italy, and Russia
Suspected state sponsor
- Russian Federation
Type of incident
- Private sector