The FBI's router takedown that cut off APT28's 'tremendous access'
8 hours ago
- #FBI Operation
- #Cyberespionage
- #APT28
- The FBI-led Operation Masquerade disrupted APT28, a Russian GRU-linked hacking group, by resetting DNS settings on over 18,000 compromised TP-Link routers.
- APT28 exploited the routers to invisibly redirect internet traffic from all connected devices, which gave the group extensive access without deploying traditional malware and made detection difficult for users.
- The operation aligns with the U.S. cyber strategy emphasizing offensive actions against hackers and protecting critical infrastructure, with the FBI leveraging partnerships and authorities to counter threats.
- This takedown is part of a series of FBI disruptions targeting Russian hackers since 2018, evolving from domain sinkholing to actively blocking access and removing malicious capabilities from routers.