TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Infosecurity Magazine

US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers

2026-04-08

ATT&CK techniques detected

4 predictions
T1557.001 Name Resolution Poisoning and SMB Relay (77%)
“us thwarts dns hijacking network controlled by russian apt28 hackers a large-scale network of internet routers compromised by russian hacking group apt28 to harvest credentials from victims of intelligence value has been taken down in the us. the us department of justice (doj …”

T1584.008 Network Devices (65%)
“impact the routers’ normal functionality or collect the legitimate users’ content information. “the court-authorized steps to remediate compromised routers can be reversed by legitimate users at any time through factory resets with hardware reset buttons,” said the doj stat…”

T1584.002 DNS Server (39%)
“us attorney for the eastern district of pennsylvania, said: “russian military intelligence once again hijacked americans’ hardware to commandeer critical data. in the face of continued aggression by our nation-state adversaries, the us government will respond just as aggress…”

T1557.001 Name Resolution Poisoning and SMB Relay (32%)
“us attorney for the eastern district of pennsylvania, said: “russian military intelligence once again hijacked americans’ hardware to commandeer critical data. in the face of continued aggression by our nation-state adversaries, the us government will respond just as aggress…”

Summary

The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network.