✅ GOOD - FBI dismantles GRU/APT28 DNS hijacking network — 23+ states, thousands of routers, criti...

Russia's GRU/APT28 compromised thousands of routers across 23+ US states through DNS hijacking targeting critical infrastructure. Affected devices had malicious DNS configurations redirecting traffic to attacker-controlled servers. ISPs are notifying customers, but any organization with on-premises routers or managed network infrastructure may still harbor compromised devices.

CRITICAL | Advisory | Apr 12, 2026
Action required
Audit all edge routers and DNS configurations across your environment immediately. Cross-reference against ISP notifications, verify DNS servers are legitimate, and check router logs for unauthorized configuration changes dating back 6+ months. Reset any devices with suspicious DNS settings.
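
The DNS-server check in the action above, as an added example that is not part of the original advisory: it scans exported router configurations for resolver directives and reports any address outside an approved set. The approved networks, device names and config text are constructed assumptions; the directive syntaxes covered are Cisco IOS and dnsmasq.

```python
import ipaddress
import re

# Assumption: resolvers your organization has approved (documentation-range values).
APPROVED = [ipaddress.ip_network(n) for n in ("192.0.2.53/32", "198.51.100.0/28")]

# Directives that set a resolver on the device itself or hand one to DHCP clients.
PATTERNS = [
    ("ios-resolver", re.compile(r"^\s*ip name-server\s+(.+)$")),
    ("ios-dhcp", re.compile(r"^\s*dns-server\s+(.+)$")),
    ("dnsmasq-upstream", re.compile(r"^\s*server=(?:/[^/]*/)?([^#@\s]+)")),
    ("dnsmasq-dhcp", re.compile(r"^\s*dhcp-option=(?:option:dns-server|6),(.+)$")),
]

def audit(device, config_text):
    """Return (device, line number, directive kind, address) for unapproved resolvers."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        for kind, rx in PATTERNS:
            m = rx.match(line)
            if not m:
                continue
            for token in re.split(r"[,\s]+", m.group(1).strip()):
                try:
                    addr = ipaddress.ip_address(token)
                except ValueError:
                    continue  # keywords such as "vrf" or a VRF name, not an address
                if not any(addr in net for net in APPROVED):
                    findings.append((device, lineno, kind, str(addr)))
    return findings

# Constructed config exports, keyed by hypothetical device name.
SAMPLE = {
    "edge-rtr-01": "hostname edge-rtr-01\nip name-server 192.0.2.53 198.51.100.5\n"
                   "ip dhcp pool LAN\n dns-server 192.0.2.53\n",
    "branch-rtr-07": "ip name-server 192.0.2.53\nip dhcp pool LAN\n"
                     " dns-server 203.0.113.66 192.0.2.53\n",
    "soho-gw-12": "server=203.0.113.80\ndhcp-option=6,198.51.100.5\n",
}

def audit_all(configs):
    """Audit every exported config and collect the findings in device order."""
    return [f for dev, text in configs.items() for f in audit(dev, text)]

if __name__ == "__main__":
    for finding in audit_all(SAMPLE):
        print("UNAPPROVED DNS:", *finding)
```

The DHCP directives matter as much as the router's own resolver setting, because a changed DHCP option redirects every client on the LAN even when the router's resolver looks clean.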