Cybercriminals Forge Alliances via Compromised Routers

Summary:

APT28 threat actors used compromised Ubiquiti EdgeRouters to conduct covert cyber operations, repurposing the devices for a range of malicious activities. Root access to a compromised EdgeRouter gives them unrestricted control over its Linux-based operating system, allowing them to install tools and conceal their identities during malicious campaigns.

Threat Level – Red | Attack Report
