Skip to content
Tech News
← Back to articles

Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers

2026-04-09 | original
read original get Wi-Fi Router Security Kit → more articles
Why This Matters

This article highlights a sophisticated cyber espionage tactic where Russian APT28 exploits vulnerabilities in SOHO routers by altering DNS settings, enabling widespread access without traditional malware. It underscores the importance of robust router security for both organizations and consumers to prevent unauthorized surveillance and data breaches.

Key Takeaways

Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers.

Explore topics: russia apt28 soho routers dns malware
Related:
Inside the Race to Protect Submarine Cables From Sabotage
Russian state hackers are hijacking TP-Link and MicroTik routers to steal Outlook credentials, cybersecurity center warns — APT28 group targets DNS and redirects traffic to attacker-controlled servers
Thousands of consumer routers hacked by Russia's military
Russian Government Hackers Broke Into Thousands of Home Routers To Steal Passwords
Russia Hacked Routers to Steal Microsoft Office Tokens

© 2026 GoKawiil

About | Editorial Policy | Contact