Thousands of consumer routers hacked by Russia's military
7 hours ago
- #espionage
- #cybersecurity
- #APT28
- Russian military hackers are compromising 18,000–40,000 home and small office routers, mostly MikroTik and TP-Link models, in 120 countries.
- The attacks, attributed to APT28 (a GRU-linked group also known as Forest Blizzard), redirect users to malicious sites to steal credentials for espionage.
- Exploiting unpatched vulnerabilities, hackers alter DNS settings to proxy connections through malicious servers, targeting foreign ministries and government agencies.
- APT28 combines advanced tools like the LAMEHUG LLM with longstanding techniques, showing both sophistication and persistence despite public exposure.
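
A defender-side check for the DNS-setting change described above, as an added example that is not part of the original article: it audits a MikroTik RouterOS `/export` for resolvers outside an approved list. The sample export, its addresses (documentation ranges) and the `APPROVED` set are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of a RouterOS `/export` (not from the article).
# Addresses come from private and documentation ranges.
SAMPLE_EXPORT = """\
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1,203.0.113.66 \\
    gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=198.51.100.53,203.0.113.66
/ip dns static
add address=192.168.88.1 name=router.lan
"""

# Assumption: the resolvers the administrator actually approved.
APPROVED = {"192.168.88.1", "198.51.100.53"}
# Sections that hold resolver settings, and the key that carries them.
DNS_KEYS = {"/ip dns": "servers", "/ip dhcp-server network": "dns-server"}


def logical_lines(text):
    """Join RouterOS continuation lines (trailing backslash)."""
    joined = re.sub(r"\\\r?\n\s*", "", text)
    return [ln.strip() for ln in joined.splitlines() if ln.strip()]


def audit_dns(export_text, approved):
    """Return sorted (section, resolver) pairs not on the approved list."""
    approved_ips = {ipaddress.ip_address(a) for a in approved}
    findings, section = set(), None
    for line in logical_lines(export_text):
        if line.startswith("/"):
            section = line  # e.g. "/ip dns"
            continue
        key = DNS_KEYS.get(section)
        m = key and re.search(rf'(?:^|\s){re.escape(key)}="?([^\s"]+)', line)
        if not m:
            continue
        for value in m.group(1).split(","):
            try:
                if ipaddress.ip_address(value) not in approved_ips:
                    findings.add((section, value))
            except ValueError:
                findings.add((section, value))  # unparsable: flag for review
    return sorted(findings)


if __name__ == "__main__":
    for section, resolver in audit_dns(SAMPLE_EXPORT, APPROVED):
        print(f"unapproved resolver {resolver} in {section}")
```

Both the router's own resolver list and the DHCP-advertised resolver are checked, since clients follow whichever one the router hands out.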