U.S. Disrupts Russian DNS Hijacking Network in Operation Masquerade
Severity: High (Score: 72.6)
Sources: Devdiscourse, Bostonglobe
Summary
The U.S. Justice Department announced the dismantling of a DNS hijacking network linked to Russia's GRU Military Unit 26165. The network compromised thousands of routers worldwide, exposing sensitive information such as passwords and emails; the takedown was named 'Operation Masquerade.' The FBI, in collaboration with 15 international partners, identified and reset over 5,000 affected devices to stop ongoing espionage activities. The network was used to conduct hijacking attacks against military, governmental, and critical infrastructure sectors globally. Microsoft and Lumen Technologies' Black Lotus Labs reported that more than 200 organizations were impacted. Despite the operation's success, the Russian Embassy in Washington has not responded to inquiries. Global advisories have been issued to highlight the ongoing threat posed by Russian cyber operations.
Key Points:
- U.S. dismantled a Russian DNS hijacking network affecting over 5,000 devices.
- Operation involved collaboration with 15 international partners to reset compromised routers.
- The GRU targeted military, government, and critical infrastructure sectors worldwide.
Key Entities
- GRU (apt_group)
- Data Breach (attack_type)
- Operation Masquerade (campaign)
- Russia (country)
- United States (country)
- globe.com (domain)
- Government (industry)
- TP-Link (company)