Russian hackers hijack Ubiquiti routers to launch stealthy attacks

In a joint alert released with the NSA, the U.S. Cyber Command, and international partners, the FBI claims that Russian military hackers are avoiding detection by utilizing compromised Ubiquiti EdgeRouters.

These widely used and compromised routers are being used by Military Unit 26165 cyberspies, who are affiliated with Russia’s Main Intelligence Directorate of the General Staff (GRU) and are being tracked as APT28 and Fancy Bear. They are utilizing these routers to create massive botnets that aid in credential theft, NTLMv2 digest collection, and the proxing of malicious traffic.

In addition, they host phishing landing sites and customized tools for covert cyber operations aimed at governments, military forces, and other international organizations.

The joint advise cautions that EdgeRouters are frequently delivered with default passwords and little to no firewall protections read more Russian hackers hijack Ubiquiti routers to launch stealthy attacks.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *