🚨 Router sind das neue Einfallstor
APT28 greift gezielt Geräte wie den TP-Link WR841N an

Kein Login nötig
DNS wird manipuliert
Daten werden abgefangen


#cybersecurity #apt28 #dnshijack #routersecurity #wasacon

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign Russia-linked APT28 (aka Forest Blizzard) conducted a campaign codenamed FrostArmada that compromised insecure MikroTik and TP‑Link SOHO routers to change DNS settings and hijack local network traffic for passive collection and AiTM credential theft. Active since May 2025 and peaking in December with communications from over 18,000 IPs across 120 countries,...

Russian-linked APT28 exploited insecure MikroTik and TP-Link SOHO routers in a global DNS hijacking campaign dubbed FrostArmada, targeting 120 countries and stealing credentials via AiTM attacks. #Russia #DNSHijack #RouterExploit

US Disrupts Russian Military DNS Hijack Network DOJ announced on Apr 7, 2026 it disrupted a Russian military-run DNS hijacking network; the action involved DOJ and FBI legal filings and seizure of multiple domains.

US Disrupts Russian Military DNS Hijack Network: DOJ announced on Apr 7, 2026 it disrupted a Russian military-run DNS hijacking network; the action involved DOJ and FBI legal filings and seizure of multiple domains. 👈 Read full analysis #CyberSecurity #DNSHijack #FBI #DOJ #MilitaryOperations

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins An international law enforcement operation with private partners disrupted FrostArmada, an APT28 campaign that hijacked MikroTik and TP‑Link SOHO routers to redirect DNS traffic and steal Microsoft account credentials and OAuth tokens. Microsoft and Lumen’s Black Lotus Labs mapped the activity and, with the FBI, the U.S. Department of Justice, and Polish authorities, took the malicious infrastructure offline. #FrostArmada #APT28

International law enforcement, Microsoft, and Lumen disrupted FrostArmada’s DNS hijack operation targeting MikroTik and TP-Link routers to steal Microsoft 365 credentials. APT28 linked to Russia’s GRU unit exposed. #DNSHijack #APT28 #Poland

Original post on misskey.sangeunahna.com

Widih, ternyata #rusia berguru sama #indonesia tentang cara #sensor internet.

www.techradar.com/vpn/vpn-privacy-security...

#censorship #dns #dnshijack #deeppacket […]

Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers A DNS hijacking campaign abusing old home routers redirected traffic via servers run by Aeza International, a US sanctioned Russian hosting provider.

📢 🛜 ⚠️ Old routers in 30+ countries had DNS settings hijacked, routing traffic through servers linked to a sanctioned Russian bulletproof host before sending users to malicious sites.

Read: hackread.com/sanctioned-b...

#CyberSecurity #DNSHijack #Router #CyberAttack #CyberCrime