Tag: hijack Ubiquiti routers

Russian hackers hijack Ubiquiti routers to launch stealthy attacks
News

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

In a joint alert released with the NSA, the U.S. Cyber Command, and international partners, the FBI claims that Russian military hackers are avoiding detection by utilizing compromised Ubiquiti EdgeRouters. These widely used and compromised routers are being used by Military Unit 26165 cyberspies, who are affiliated with Russia's Main Intelligence Directorate of the General Staff (GRU) and are being tracked as APT28 and Fancy Bear. They are utilizing these routers to create massive botnets that aid in credential theft, NTLMv2 digest collection, and the proxing of malicious traffic. In addition, they host phishing landing sites and customized tools for covert cyber operations aimed at governments, military forces, and other international organizations. The joint advise cautions th...