How Russia's GRU turned $50 routers into a global intelligence platform spanning 120 countries - Silicon Canals

"The operation, attributed to the GRU-linked hacking group Fancy Bear (APT 28), turned at least 18,000 devices into silent surveillance nodes capable of harvesting passwords, session tokens, and government credentials at scale."
"Once inside a router, the hackers modified its DNS settings, redirecting victims to spoofed lookalike sites under the hackers' control, which harvested passwords and session tokens."
"The NCSC assessed that the operations appeared opportunistic in nature, with attackers casting a wide net before focusing on specific intelligence targets."
Russia's GRU, through the hacking group Fancy Bear, exploited vulnerabilities in consumer routers to create a global intelligence collection platform. This operation affected at least 18,000 devices across 120 countries, allowing the hackers to harvest sensitive information like passwords and government credentials. The method involved DNS hijacking, redirecting users to fake sites to capture data. The campaign was opportunistic, initially compromising routers indiscriminately before targeting specific intelligence objectives, reflecting a bulk signals intelligence approach rather than traditional hacking methods.