Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
08.04.2026
11236
APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
APT28, the Russian state-linked hacking group also known as Fancy Bear or Forest Blizzard, is exploiting small office/home office (SOHO) routers in a global DNS hijacking campaign, enabling adversary-in-the-middle attacks for credential theft and espionage.
#DNS poisoning#man-in-the-middle attacks#state-sponsored hacks#cybersecurity#cyber espionage
Got a topic? Write to ATLA WIRE on Telegram:t.me/atla_community
