## Fancy Bear (APT28) Hijacks Thousands of Home Routers in Global Password Theft Campaign
Russian state-linked hackers have seized control of thousands of residential home routers worldwide, using them as a covert platform to steal passwords and authentication tokens. The operation, attributed to the group known as Fancy Bear or APT28, represents a significant escalation in cyber espionage tactics, moving beyond traditional enterprise targets to exploit the often poorly secured devices in private homes.

The campaign, detailed in a new report, reveals that the hackers are not just passively monitoring traffic but actively compromising routers to harvest credentials. This method provides a stealthy vantage point, allowing the group to intercept sensitive data from unsuspecting users before it reaches encrypted services. The scale is notable, involving 'thousands' of devices, indicating a broad, systematic effort rather than a targeted attack.

The implications extend beyond individual privacy. Compromised routers can be used to launch further attacks, mask the origin of espionage activities, and create a resilient botnet for future operations. This incident underscores the persistent threat posed by state-sponsored groups to global digital infrastructure and highlights the critical security vulnerabilities in consumer-grade networking equipment that many individuals and even small businesses rely on.
---
- **Source**: Fancy Bear (APT28) / Russian GRU
- **Sector**: The Network
- **Tags**: cyber espionage, APT28, router security, state-sponsored hacking, credential theft
- **Credibility**: unverified
- **Published**: 2026-04-07 17:27:26
- **ID**: 53537
- **URL**: https://whisperx.ai/en/intel/53537