Russia's GRU hacked cheap routers across the Global South to harvest government credentials at scale - Silicon Canals

"The hacking group Fancy Bear, believed to be part of Russia's military intelligence agency GRU, exploited vulnerabilities in MikroTik and TP-Link routers running outdated software. By modifying router settings, the hackers redirected victims' internet requests to spoofed websites under their control, harvesting login credentials and access tokens that allowed them to bypass two-factor authentication entirely."
"Research from Lumen's Black Lotus Labs identified victims across government departments, law enforcement agencies, and email providers in North Africa, Central America, and Southeast Asia. Microsoft's analysis found over 200 affected organizations and 5,000 compromised consumer devices, including at least three government organizations in Africa."
"The campaign's heaviest concentration in the Global South illustrates how the global gap in basic digital hygiene creates exploitable intelligence pipelines. The structural logic is worth noting: compromise cheaply at massive scale first, then filter for high-value targets afterward."
Russian intelligence-linked hackers, identified as Fancy Bear, compromised thousands of home and small business routers through DNS hijacking. They exploited vulnerabilities in outdated MikroTik and TP-Link routers, redirecting internet requests to spoofed sites to harvest credentials. The operation targeted government departments and law enforcement across North Africa, Central America, and Southeast Asia, with over 5,000 devices affected. The campaign highlighted the cybersecurity gaps in the Global South, where infrequent firmware updates and weak infrastructure made devices vulnerable to exploitation.
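A defender-side check for the router-level DNS redirection described above, added here as an example and not taken from the article, Lumen, or Microsoft: it audits a RouterOS-style configuration export for resolvers outside an approved list and for static DNS records that override real answers. The article does not say which settings were changed; the sample export, the approved resolver list, and the function name `audit_export` are assumptions.

```python
import ipaddress
import re

# Constructed RouterOS-style export for illustration; not from a real device.
SAMPLE_EXPORT = """\
/ip dns
set allow-remote-requests=yes servers=203.0.113.53,9.9.9.9
/ip dns static
add address=198.51.100.7 name=login.mail.example
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
add address=10.20.0.0/24 dns-server=203.0.113.53 gateway=10.20.0.1
"""

APPROVED = {"9.9.9.9", "1.1.1.1"}  # assumption: resolvers your organisation allows
LAN_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Section -> parameter naming the resolver used upstream or handed to clients.
RESOLVER_KEYS = {"/ip dns": "servers", "/ip dhcp-server network": "dns-server"}


def audit_export(text, approved=APPROVED):
    """Return (section, finding) tuples for DNS settings that need review."""
    findings, section = [], None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("/"):
            section = line  # an export groups commands under a menu path
            continue
        params = {k: v.strip('"') for k, v in re.findall(r'([\w-]+)=("[^"]*"|\S+)', line)}
        if section == "/ip dns static" and "name" in params:
            # A static record overrides the real answer for that hostname.
            findings.append((section, f"static record {params['name']} -> {params.get('address')}"))
        key = RESOLVER_KEYS.get(section)
        servers = params.get(key, "").split(",") if key else []
        for server in filter(None, servers):
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                findings.append((section, f"unparseable resolver {server}"))
                continue
            # A LAN address means the router itself resolves; its upstream
            # is covered by the "/ip dns" section.
            if server not in approved and not any(ip in net for net in LAN_NETS):
                findings.append((section, f"unapproved resolver {server}"))
    return findings


if __name__ == "__main__":
    for section, finding in audit_export(SAMPLE_EXPORT):
        print(f"{section}: {finding}")
```

Running the same audit on a schedule and diffing the findings against the previous run surfaces a resolver change even when no firmware update or reboot has occurred.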
Read at Silicon Canals