CSA new sandworm malware cyclops blink replaces VPNfilter

24 February 2022

The UK National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure
Security Agency (CISA), the National Security Agency (NSA) and the Federal Bureau
of Investigation (FBI) in the US have identified that the actor known as Sandworm or
Voodoo Bear is using a new malware, referred to here as Cyclops Blink. The NCSC,
CISA, NSA and FBI have previously attributed the Sandworm actor to Russian GRU’s Main Centre for Special Technologies GTsST. The malicious cyber activity below has
previously been attributed to Sandworm:

The BlackEnergy disruption of Ukrainian electricity in 2015
* Industroyer in 2016
* NotPetya in 2017
* Attacks against the Winter Olympics and Paralympics in 2018
* A series of disruptive attacks against Georgia in 2019

read more about:
CSA new sandworm malware

Scroll To Top

Tiplijn Seguridad Nacional

11911

De mogelijkheid bestaat om (anoniem) iets te melden bij de VDA; de informatie kan eventueel gedeeld worden met andere, zoals KPA.

Email: tipline11911@vda.aw

De Veiligheidsdienst Aruba

CSA new sandworm malware cyclops blink replaces VPNfilter

Tiplijn Seguridad Nacional

11911

Contact Informatie

Telefoon: 582 4564

Fax: 582 3143