Tag: apt28
7 articles

FBI Disrupts APT28's Router-Based Espionage Operations
The FBI recently disrupted a sneaky espionage operation run by APT28, a Russian GRU-linked group notorious for its broad reach, by cutting off their access to a network of routers they used as a launching pad for further attacks. This bold move effectively severed the group's tremendous access, putting a stop to their clever tactics.

APT28 Targets Ukraine, NATO Allies with PRISMEX Malware
Russian threat actor APT28 has launched a new campaign, deploying a previously unknown malware suite called PRISMEX to target Ukraine and its NATO allies, using clever concealment techniques to evade detection. This sophisticated attack combines steganography, COM hijacking, and legitimate cloud services to stay under the radar.

FBI Disrupts Russian Hacker Network with DNS Hijacking Takedown
In a major cyber takedown, the FBI has successfully disrupted a Russian hacker network by pulling the plug on compromised US-based routers, effectively cutting off the threat actor's malicious infrastructure. This bold move allowed authorities to neutralize the threat without relying on individual device owners to take action.

APT28 Hijacks SOHO Routers in Global DNS Espionage Push
Your home router, that innocent-looking box under your desk, can be turned against you: a Russia-linked cyber threat group, APT28, has been hijacking insecure SOHO routers worldwide to fuel a massive DNS espionage campaign. By exploiting vulnerabilities in popular router brands like MikroTik and TP-Link, they've been manipulating DNS settings to spy on unsuspecting users.

NCSC Warns of Russia's Ongoing Router Exploits
Russia's notorious hackers, Fancy Bear, are exploiting routers to steal passwords and sensitive information, compromising the security of countless individuals and organisations. With around 5,000 devices and 200 organisations already affected, experts warn that this latest threat is one to take seriously.

APT28 Hijacks Routers to Steal Credentials via Malicious DNS Servers
Beware of invisible hands rerouting your online traffic: a state-linked Russian hacking group, APT28, has been hijacking routers to intercept credentials by manipulating DNS servers, putting your online security at risk. This stealthy tactic allows them to capture user authentication data, compromising your digital identity.

Law Enforcement Disrupts APT28's Router DNS Hijack Operation
In a major breakthrough, an international coalition of law enforcement authorities and private companies has successfully disrupted a sneaky DNS hijack operation by APT28, known as FrostArmada, that targeted home network routers to steal Microsoft account credentials. This operation thwarted the hackers' plan to intercept traffic and harvest cloud account keys, protecting countless individuals from potential cyber threats.