German intelligence agency warns of Russian APT28 cyber spying
The campaign compromised more than 18,000 routers and let attackers steal credentials and tokens without malware, researchers said.
- On Tuesday, the U.S. Justice Department and FBI executed a court-authorized disruption, dubbed "Operation Masquerade," to neutralize a Russian DNS hijacking network. The effort took attacker-controlled infrastructure offline and hardened compromised routers across the United States.
- APT28, also known as "Fancy Bear," compromised routers to intercept traffic and steal credentials. Linked to Russia's General Staff Main Intelligence Directorate 85th Main Special Service Center Military Unit 26165, the group targeted government, military, and critical infrastructure networks for espionage.
- Researchers identified at least 18,000 compromised devices across around 120 countries, including government and law enforcement agencies. Attackers exploited known vulnerabilities in MikroTik and TP-Link routers, hijacking DNS settings to siphon authentication tokens and passwords without deploying malware.
- FBI Boston Special Agent in Charge Ted E. Docks urged router owners to act. "Now we're asking everyone who has a router to secure it, update its firmware, and replace it if needed," Docks said.
- Many affected routers remain vulnerable due to age, prompting the National Cyber Security Centre to urge the public to "apply security updates promptly" and "use modern systems and software." Experts warn this campaign reflects a persistent Russian espionage strategy dating back to 2024.
17 Articles
Russian hackers are increasingly targeting critical infrastructure: according to Germany's Office for the Protection of the Constitution, thousands of outdated routers worldwide have been compromised, including in Germany.
SBU recommends that all router owners confirm the model and current software version of their device and immediately install the latest security updates.
The state-linked Russian hacker group APT28 is suspected of infiltrating routers for attacks, making it possible to access military information.
Germany Intelligence Warns TP-Link Routers Exploited By Russian Hackers To Spy On Military And Critical I
On Tuesday, Germany's domestic intelligence agency, the Federal Office for the Protection of the Constitution, warned that Russian state-linked hackers exploited weaknesses in TP-Link routers to infiltrate sensitive networks.
Russian-Linked Hackers Target Global Router Networks
The alert was issued alongside partners, including Germany's foreign intelligence service, the Federal Intelligence Service, and the Federal Bureau of Investigation, Reute…
Germany's Office for the Protection of the Constitution has warned of global hacker attacks on Internet routers by a Russian group.
Germany's Office for the Protection of the Constitution warns of a cyber-attack from Russia. Putin's henchmen are said to be targeting critical digital infrastructure.