- Category
- Latest news
Private Wi-Fi Routers Targeted in Global Russia-Linked Cyber Operation
- Authors
![Photo of Katherina Popilnichenko]( "Photo of Katherina Popilnichenko")
-c439b7bd9030ecf9d5a4287dc361ba31.jpg "Photo of Katherina Popilnichenko")
The Security Service of Ukraine (SBU) has conducted a coordinated cyber operation alongside the FBI, Polish counterintelligence, and EU law enforcement to stop Russian intelligence activities across Ukraine and partner nations.
The international effort revealed that Russian military intelligence, known as the GRU, hacked numerous office and home Wi-Fi routers belonging to both Ukrainian and foreign citizens.
We bring you stories from the ground. Your support keeps our team in the field.
Investigators found that Russian operatives specifically targeted routers that did not meet modern security standards. After gaining access to these vulnerable internet devices, the hackers redirected their traffic through a network of DNS servers.
This allowed them to act as intermediaries in the digital space to collect passwords, authentication tokens, and other sensitive information. This included emails that are typically protected by SSL and TLS cryptographic protocols.
The Russian intelligence services intended to use the stolen information for future cyberattacks, information sabotage, and general intelligence gathering.
The GRU focused particularly on information exchanged by employees and military personnel of government agencies, units of the Ukrainian Defense Forces, and defense industry enterprises.
The joint operation successfully blocked more than 100 servers and removed hundreds of routers from Russian control within Ukraine alone. These actions significantly weakened the reconnaissance capabilities of Russian military intelligence and prevented the software-level destruction of the equipment.
-77f0f6559a1a291b17f6e172a02ba587.jpg)
The SBU and its Western partners are continuing their efforts to hold all individuals involved in these cybercrimes accountable.
The SBU advises all router owners to check their device models and software versions to ensure they have the latest security updates and to install them immediately.
A significant internet disruption swept across Russia on the evening of April 6, impacting major banks, mobile providers, and government services.
Monitoring data showed that systems for Rostelecom, Sberbank, and the state services portal faced major operational issues, which experts linked to the "overstrain" of Roskomnadzor’s technical tools used for network blocking.
This massive failure followed a similar collapse of the country's financial infrastructure just days earlier, highlighting a growing degradation of network connectivity as authorities increased digital restrictions.
-111f0e5095e02c02446ffed57bfb0ab1.jpeg "Photo of Roman Kohanets")
