Asger Risom
US authorities say Russian hackers used everyday internet routers in a global espionage campaign, exploiting vulnerabilities to steal sensitive data from targets worldwide.
A widespread cyber-espionage operation linked to Russian military intelligence has targeted everyday internet devices across multiple countries, US authorities say.
The campaign highlights how common household technology can be exploited to access sensitive data worldwide.
According to a statement from the US Department of Justice, the operation was carried out by a GRU unit known as APT28, also referred to as Fancy Bear and other aliases.
Investigators said the group exploited vulnerabilities in internet routers—devices widely used in homes and offices—to infiltrate networks and gather intelligence.
Routers turned into tools
The hackers used compromised routers to carry out DNS hijacking, a method that redirects users from legitimate websites to malicious ones controlled by attackers.
Through this technique, they were able to capture passwords, login credentials, emails and browsing data.
Targets included individuals working in government, military and critical infrastructure sectors, according to US authorities.
Global operation
The investigation involved intelligence agencies from around 15 countries, reflecting the scale of the campaign.
Authorities said the operation affected a wide range of entities globally, underscoring the reach of the group’s activities.
Routers produced by manufacturers such as TP-Link were among those reportedly targeted.
Security warnings
Officials are urging users to take basic cybersecurity precautions to reduce risk.
Recommended measures include replacing outdated devices, installing firmware updates and restricting unauthorized remote access.
The case adds to growing concerns over state-backed cyber operations targeting civilian infrastructure as part of broader geopolitical tensions.
Sources: US Department of Justice, FBI
