Tag: russia
-
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
Tags: attack, cyber, cyberespionage, infrastructure, intelligence, network, office, router, russia, threatIn a major counter-cyberespionage action dubbed >>Operation Masquerade,<< the U.S. Justice Department and the FBI successfully neutralized a global network of compromised small office/home office (SOHO) routers. The infrastructure was controlled by Russia's Main Intelligence Directorate (GRU) to execute sophisticated Domain Name System (DNS) hijacking attacks against high-value intelligence targets. The Threat Actor and Attack…
-
Feds quash widespread Russia-backed espionage network spanning 18,000 devices
Forest Blizzard, a threat group attributed to Russia’s GRU, hijacked network traffic to steal credentials and tokens for Microsoft accounts and other services. First seen on cyberscoop.com Jump to article: cyberscoop.com/forest-blizzard-apt28-routers-espionage-campaign-operation-masquerade/
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spyHijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spyHijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Russian Hackers Hit SOHO Routers in Cyberespionage Campaign
Tags: cloud, cyberespionage, dns, government, hacker, intelligence, microsoft, military, router, russia, spyHijacking DNS Settings Helps Russian Hackers Decrypt TLS Traffic, Microsoft Warns. Hackers tied to Russia’s GRU military intelligence agency are compromising SOHO routers to hijack their DNS settings and spy on the cloud activities of high-value government, IT, telecommunications and energy organizations, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-hackers-hit-soho-routers-in-cyberespionage-campaign-a-31354
-
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. First…
-
Russian cyber spies targeting consumer, Soho routers
The UK’s NCSC and Microsoft have shared details of an ongoing cyber espionage campaign targeting vulnerable network routers, orchestrated by the Russian state actor Fancy Bear. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641403/Russian-cyber-spies-targeting-consumer-Soho-routers
-
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025.The large-scale exploitation campaign has been…
-
Russian government hackers broke into thousands of home routers to steal passwords
Fancy Bear, also known as APT28, has taken over thousands of residential home routers to steal passwords and authentication tokens in a wide-ranging espionage operation. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/07/russian-government-hackers-broke-into-thousands-of-home-routers-to-steal-passwords/
-
Russia’s Fancy Bear still attacking routers to boost fake sites, NCSC warns
200 orgs and 5,000 devices compromised so far in Vlad’s latest intelligence grab, Microsoft reckons First seen on theregister.com Jump to article: www.theregister.com/2026/04/07/russia_fancy_bear_ncsc_router_attack/
-
Russian hackers hijack internet traffic using vulnerable routers
The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s The National Cyber Security Centre (NCSC) has warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/russian-hackers-router-hijacking-dns-credential-theft/
-
Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns
Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-apt28-hijack-routers-uk-ncsc/
-
Major outage cripples Russian banking apps and metro payments nationwide
A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia, leaving customers unable to pay by card, withdraw cash, or access mobile banking for hours. According to The Record Media, the incident affected major banks,…
-
UK exposes Russian cyber unit hacking home routers to hijack internet traffic
Officials said the activity centers on compromising small office and home office routers and similar network devices exposed to the internet, often because of weak security settings or outdated software. First seen on therecord.media Jump to article: therecord.media/uk-exposes-russian-cyber-unit-hacking-home-routers
-
Cyberattack on telecom giant Rostelecom disrupts internet services across Russia
A “large-scale” distributed denial-of-service (DDoS) attack targeted the network of Russian state-run telecom giant Rostelecom on Monday evening, temporarily disrupting online banking, government platforms and other digital services across dozens of cities. First seen on therecord.media Jump to article: therecord.media/rostelecom-cyberattack-disrupts-russian-internet-access
-
German authorities identify REvil and GandCrab ransomware bosses
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/german-authorities-identify-revil-and-gangcrab-ransomware-bosses/
-
German authorities identify REvil and GangCrab ransomware bosses
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/german-authorities-identify-revil-and-gangcrab-ransomware-bosses/
-
German police unmask two suspects linked to REvil ransomware gang
The suspects were named as Daniil Shchukin, a 31-year-old Russian national believed to have used the alias UNKN (UNKNOWN), and Anatoly Kravchuk, a 43-year-old Ukraine-born Russian citizen who investigators say worked as a developer for the group. First seen on therecord.media Jump to article: therecord.media/german-police-unmask-suspects-linked-revil-gandcrab
-
BKA unmasks two REvil Ransomware operators behind 130+ German attacks
German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvil ransomware group, linking them to more than 130 attacks in the country. The first suspect is Daniil Maksimovich Shchukin (31), a Russian national known online…
-
Major outage hits Russian banking apps, metro payments across regions
The disruption on Friday affected apps from some of the country’s largest banks, including Sberbank, VTB, Alfa-Bank, T-Bank and Gazprombank. First seen on therecord.media Jump to article: therecord.media/outage-hits-russian-banking-apps
-
Alleged REvil Leader ‘UNKN’ Identified by German Authorities in New Takedown Effort
German authorities have officially put a face to one of the most notorious names in cybercrime. The German Federal Criminal Police (BKA) recently identified 31-year-old Russian national Daniil Maksimovich Shchukin as the man behind the hacker alias >>UNKN.<< According to the BKA, Shchukin led the infamous GandCrab and REvil ransomware operations. Working alongside 43-year-old Anatoly…
-
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across…
-
AI Future: The Leading International AI and Web3 Forum to Take Place in April
Moscow, Russia, 3rd April 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/ai-future-the-leading-international-ai-and-web3-forum-to-take-place-in-april/
-
Ukraine warns Russian hackers are revisiting past breaches to prepare new attacks
Tags: access, attack, breach, credentials, exploit, hacker, infrastructure, russia, ukraine, vulnerabilityIn a new report, CERT-UA said attackers are revisiting previously breached infrastructure to check whether access is still available, whether exploited vulnerabilities have been patched and whether previously obtained credentials remain valid. First seen on therecord.media Jump to article: therecord.media/ukraine-warns-russian-hackers-revisiting-old-attacks
-
Breach Roundup: Feds Confirm ‘Major’ Hack of FBI System
Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key Activity. This week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329
-
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses
Tags: cyber, cybersecurity, government, group, hacker, incident, incident response, phishing, russia, ukraineA pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/pro-russian-hackers-posing-as-ukrainian-cyber-agency
-
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses
Tags: cyber, cybersecurity, government, group, hacker, incident, incident response, phishing, russia, ukraineA pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/pro-russian-hackers-posing-as-ukrainian-cyber-agency
-
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses
Tags: cyber, cybersecurity, government, group, hacker, incident, incident response, phishing, russia, ukraineA pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/pro-russian-hackers-posing-as-ukrainian-cyber-agency
-
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses
Tags: cyber, cybersecurity, government, group, hacker, incident, incident response, phishing, russia, ukraineA pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/pro-russian-hackers-posing-as-ukrainian-cyber-agency