18,000 victims of the Russian attack, which was launched to steal passwords

A Russian hacker group with a government background has gained access to thousands of home and corporate network devices as part of an ongoing malicious campaign, security researchers and authorities warn.

THE TechCrunch article, the purpose of the operation is to redirect victims’ Internet traffic in order to steal their passwords and access tokens. The Russian hacking group, also known as Fancy Bear and APT 28, is behind the malicious activity and is targeting devices made by MikroTik and TP-Link – those that no longer receive security patches.

Known security holes are used for the operation, according to the UK government’s cyber security agency, NCSC, and Black Lotus Labs. Experts believe that the hackers, often associated with the Russian military intelligence (GRU), were able to spy on a large number of people for several years. All they had to do was exploit routers running outdated software – the victim had no idea what was going on.

https://hvg.hu/tudomany/20260407_oroszorszag-vpn-korlatozas-hiba-banki-szolgaltatasok-leallas

According to the NCSC, at the beginning of the operations, the attackers cast a “wide net” and then filter out targets of interest from an intelligence point of view. According to Black Lotus Labs, there could be around 18,000 victims of the operation in 120 countries.

It is advisable to always install software updates issued for network devices – if no more security patches are received, it is advisable to switch to a new device that is still supported.

If you want to know about similar things at other times, like it the Fbhtechinfo Facebook page.