Security News > 2024 > February > Russian hackers hijack Ubiquiti routers to launch stealthy attacks
Russian military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
APT28 is a notorious Russian hacking group found to be responsible for several high-profile cyber attacks since they first began operating.
A joint alert issued by U.S. and U.K. authorities also warned six years ago, in April 2018, that Russian state-backed attackers were actively targeting and hacking home and enterprise routers.
As the April 2018 advisory cautioned, Russian hackers have historically targeted Internet routing equipment to use in man-in-the-middle attacks in support of espionage campaigns, maintain persistent access to victims' networks, and lay a foundation for other offensive operations.
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers.
Russian hackers shift to cloud attacks, US and allies warn.
News URL
Related news
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- 100+ domains seized to stymie Russian Star Blizzard hackers (source)
- Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- North Korean govt hackers linked to Play ransomware attack (source)