Cybersecurity authorities have issued an advisory warning of a global operation employing brute force techniques. The NSA, CISA, FBI, and NCSC have issued an advisory linking the campaign to the Russian government, specifically Russia’s General Staff Main Intelligence Directorate (GRU).
The GRU 85th Main Special Service Center (GTsSS) employed a Kubernetes cluster to undertake extensive, anonymous, and distributed brute force attacks.
Some of the attempts were delivered directly from nodes in this cluster, and the campaign is thought to have started in mid-2019. Tor and different commercial VPN services were employed in the majority of the attacks.
To Read More: Cyware