Security News > 2024 > February > Russian hackers hijack Ubiquiti routers to launch stealthy attacks
Russian military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
APT28 is a notorious Russian hacking group found to be responsible for several high-profile cyber attacks since they first began operating.
A joint alert issued by U.S. and U.K. authorities also warned six years ago, in April 2018, that Russian state-backed attackers were actively targeting and hacking home and enterprise routers.
As the April 2018 advisory cautioned, Russian hackers have historically targeted Internet routing equipment to use in man-in-the-middle attacks in support of espionage campaigns, maintain persistent access to victims' networks, and lay a foundation for other offensive operations.
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers.
Russian hackers shift to cloud attacks, US and allies warn.
News URL
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)