The UK says Russia-linked hacking group APT28 is hijacking popular internet routers from MikroTik, TP-Link, and others to steal credentials and redirect traffic
Russian government-linked hackers are compromising popular internet routers to steal passwords for email accounts and other online services …
Bloomberg Ryan Gallagher
Related Coverage
- APT28 exploit routers to enable DNS hijacking operations NCSC.GOV.UK
- UK exposes Russian cyber unit hacking home routers to hijack internet traffic The Record · Alexander Martin
- Russian hackers hijack internet traffic using vulnerable routers Help Net Security · Sinisa Markovic
- Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins BleepingComputer · Bill Toulas
- Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns Infosecurity · Kevin Poireault
- Russian military hackers reroute British internet users' traffic Financial Times · Charles Clover
- Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns The Register · Connor Jones
- Russian government hackers broke into thousands of home routers to steal passwords TechCrunch · Lorenzo Franceschi-Bicchierai
- Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign The Hacker News
- Are You Using These TP-Link Routers? Russian Hackers Are Targeting Them PCMag · Michael Kan
- Russia Hacked Routers to Steal Microsoft Office Tokens Krebs on Security · Brian Krebs
- Britain's internet routers under attack from Russian ‘cyberspies’, experts say Mirror · Lucy Thornton
- Russian cyber spies targeting consumer, Soho routers ComputerWeekly.com · Alex Scroxton
- Germany intelligence agency warns of Russian APT28 cyber spying Reuters · Maria Martinez
Discussion
-
@baddcompani
@baddcompani
on x
APT28! Fancy Bear!
-
@bushidotoken
Will
on x
Russian GRU hitting poorly made, badly secured MikroTik and TP-Link routers for intelligence gathering, a familiar story...
-
@ncsc
@ncsc
on x
🚨 The UK has exposed Russian military intelligence targeting vulnerable routers to support cyber attacks. A new advisory from the NCSC reveals how state-linked group APT28 exploited vulnerable edge devices to conduct DNS hijacking operations. https://www.ncsc.gov.uk/...
-
@thehackersnews
@thehackersnews
on x
🚨 WARNING - APT28 ran a global router hijack to steal credentials. The group compromised MikroTik and TP-Link devices, rewrote DNS settings, and redirected traffic for credential theft at scale — impacting 18,000+ IPs across 120 countries, including government and cloud [image]
-
@metacurity.com
Cynthia Brumfield
on bluesky
Add this development to the growing pile of incredibly imporant cyber security news to know today. [embedded post]