Russian Hackers Target Ubiquiti Routers in Global Cyber Operations

The FBI disrupts a GRU botnet but warns that device owners must take action to secure their routers against future attacks.

US and international law enforcement warn of Russian hackers using compromised Ubiquiti EdgeRouters for cyber operations.
The FBI disrupted a GRU botnet but urges owners to take remedial actions to ensure long-term success of the disruption.
APT28, a Russian state-sponsored group, has exploited various industries and targeted multiple countries including the US.
Owners are advised to perform hardware factory resets, upgrade firmware, change default credentials, and implement firewall rules.
The operation against APT28 only temporarily blocked the group and did not patch vulnerabilities or remove weak credentials.