APT28
MITRE G0007 · Country RU
Linked coverage
- Polish water plants breached by Russian APT via weak passwords
- AI Powered Scams Rise as Deepfake Calls Cost Firms Millions
- CISA Flags Actively Exploited CVE-2024-1708 and Windows Flaw
- Microsoft Warns of Active Exploit in CVE-2026-32202 Spoof Flaw
- APT28 exploits Windows SmartScreen gap for zero click LNK attacks
- RegPhantom Rootkit Lets Attackers Gain Kernel Access on Windows
- Malicious npm Strapi Packages Spread Redis RCE and Steal Data
- Trend Micro Exposes Fancy Bears Prismex Malware Targeting Ukraine
- APT28's Year Long Router Hijacking Campaign Exposes World Traffic
- Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
- APT28 Deploys New PRISMEX Malware Against Ukraine and NATO Allies
- UK warns Russian hackers hijack home routers for spying
- APT28 hijacks routers worldwide to steal passwords via DNS attack
- Russian APT28 hijacks home routers to steal credentials
- US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking
- US and FBI shut down Russian hackers' router hijacking network
- APT28 hijacks routers worldwide in DNS based FrostArmada campaign
- APT28 exploits SOHO routers via CVE-2023-50224 to steal credentials
- Forest Blizzard hijacks routers to spy via AI enabled DNS attacks
- NCSC Warns Russian APT28 Hijacks Routers for DNS Attacks
- APT28 exploits routers to redirect DNS, stealing credentials