Russian hackers, who hacked routers in 23 states, thwarted by FBI


The FBI’s Boston office and the Department of Justice led a national action to disrupt Russian government hackers who infiltrated computer routers in offices, homes and small businesses in the United States and commandeered sensitive military, government, and infrastructure information, the agencies announced Tuesday.

Dubbed “Operation Masquerade,” the campaign neutralized the U.S. portion of a cyber crime unit operated by Russia’s Main Intelligence Directorate of the General Staff, or GRU, the agencies said in statements.

The Russian hackers “weaponized routers” in more than 23 states, Ted E. Docks, FBI’s special agent in charge of the Boston field office, said in one of the statements.

“The FBI utilized cutting edge technology and leveraged our private sector and international partners to unmask this malicious activity and remediate routers,” Docks said.

“Now we’re asking everyone who has a router to secure it, update its firmware, and replace it if needed,” Docks said. “By working together, we can guard against nefarious nation state actors trying to compromise our national security.”

The Russian government has been initiating hacking campaigns and targeting vulnerable routers since at least 2024, federal authorities said.

“The GRU’s predatory use of networks in American homes and businesses for its malicious cyber operations remains a serious and persistent threat,” Assistant Attorney General for National Security John A. Eisenberg said in a statement.

In this instance, the hackers stole credentials connected to TP-Link routers across the globe and manipulated their settings to redirect information to Russian-controlled servers. They harvested unencrypted passwords, authentication tokens, emails, and other sensitive information from devices on the same network as the compromised TP-Link routers, the DOJ said.

“Russian military intelligence once again hijacked Americans’ hardware to commandeer critical data,” U.S. Attorney David Metcalf, for the Eastern District of Pennsylvania, said in a statement. “In the face of continued aggression by our nation-state adversaries, the U.S. government will respond just as aggressively.”

Brett Leatherman, assistant director of FBI’s Cyber Division, said the scale of the cyber crimes conducted by the Russians for espionage purposes called for more than a warning.

“Given the scale of this threat, sounding the alarm wasn’t enough,” Leatherman said. “The FBI conducted a court-authorized operation to harden compromised routers across the United States.”

Authorities urged anyone with a router to conduct a factory reset with hardware reset buttons. Compromised routers can be remediated by logging into web management pages and restoring factory defaults, according to the DOJ.

Additional remediation guidance also is provided in a separate PSA.

Anyone who believes they have a compromised router should contact their local FBI field office or file a report with the FBI’s Internet Crime Complaint Center.


Tonya Alanez can be reached at tonya.alanez@globe.com. Follow her @talanez.




