Russian Espionage Campaign Targets Home Routers
ATT&CK techniques detected
T1557.001 Name Resolution Poisoning and SMB Relay
90%
“russian espionage campaign targets home routers the threat actor targets unprotected routers and manipulates their dns settings so that traffic to certain domains gets redirected to an adversary-in-the-middle (aitm) site, where credentials and tokens to the actual site ca…”
T1557 Adversary-in-the-Middle
69%
“russian espionage campaign targets home routers the threat actor targets unprotected routers and manipulates their dns settings so that traffic to certain domains gets redirected to an adversary-in-the-middle (aitm) site, where credentials and tokens to the actual site ca…”
T1190 Exploit Public-Facing Application
60%
“router. the attacks described appear to have primarily been directed against old mikrotik and tp-link routers, but theoretically any router could be breached this way. routers normally do not have nearly as much protection as computer clients and servers. this is a reminder tha…”
Summary
The threat actor targets unprotected routers and manipulates their DNS settings so that traffic to certain domains gets redirected to an adversary-in-the-middle (AitM) site, where /../
The post Russian Espionage Campaign Targets Home Routers appeared first on Truesec.