Security News > 2024 > February > Russian hackers hijack Ubiquiti routers to launch stealthy attacks
Russian military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
APT28 is a notorious Russian hacking group found to be responsible for several high-profile cyber attacks since they first began operating.
A joint alert issued by U.S. and U.K. authorities also warned six years ago, in April 2018, that Russian state-backed attackers were actively targeting and hacking home and enterprise routers.
As the April 2018 advisory cautioned, Russian hackers have historically targeted Internet routing equipment to use in man-in-the-middle attacks in support of espionage campaigns, maintain persistent access to victims' networks, and lay a foundation for other offensive operations.
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers.
Russian hackers shift to cloud attacks, US and allies warn.
News URL
Related news
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Russian ISP confirms Ukrainian hackers "destroyed" its network (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)