Thousands of consumer routers have been quietly hijacked by Russia’s GRU, transforming everyday devices into espionage tools. This investigation reveals the technical tricks behind the operation and why your home Wi-Fi could be at risk.
APT28’s FrostArmada campaign turned everyday home and office routers into global espionage tools, hijacking DNS traffic and stealing sensitive credentials from thousands of organizations worldwide.
British intelligence has exposed a Russian cyber unit’s campaign to hijack home and small business routers, rerouting internet traffic for espionage. The NCSC urges urgent action to secure vulnerable devices.
DNife, a sophisticated China-linked spyware toolkit, has been hijacking routers and edge devices worldwide since 2019. By embedding itself at the network gateway, it intercepts, monitors, and manipulates data from every connected device—leaving users vulnerable to surveillance and attack.
Global attackers exploited outdated home routers, rerouting web traffic through Aeza International—a US-sanctioned Russian bulletproof host—using DNS hijacking. Victims’ browsing was quietly redirected and monetized via malicious ad networks, exposing the dangers of neglecting router security.
Shadow DNS malware exploits router vulnerabilities to reroute internet traffic through rogue servers, enabling scams and malware. Learn how the attack works, its impacts, and critical defenses for your network.
GreyNoise’s free IP checker reveals if your home router is secretly involved in cyberattacks, making invisible threats visible and helping users secure their networks.