Subject: Joint Advisory warns of Russian cyber actors use of compromised routers

AlertsUSA Logo - Allow Images

SMS Alert Text:


FBI/NSA/DHS issue joint advisory warning of Russian cyber actors use of compromised Ubiquiti EdgeRouters for malicious cyber operations worldwide. See email.



Supplemental Info:



BACKGROUND


Ubiquiti Inc. is an American technology company founded in San Jose, CA in 2003. Now based in New York City, Ubiquiti manufactures and sells wireless data communication and wired products for enterprises and homes under multiple brand names.


In general, an edge router enables an internal network to connect to external networks.



SUMMARY


The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners are releasing this joint Cybersecurity Advisory (CSA) to warn of Russian state-sponsored cyber actors’ use of compromised Ubiquiti EdgeRouters (EdgeRouters) to facilitate malicious cyber operations worldwide. The FBI, NSA, US Cyber Command, and international partners – including authorities from Belgium, Brazil, France, Germany, Latvia, Lithuania, Norway, Poland, South Korea, and the United Kingdom -- assess the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), also known as APT28, Fancy Bear, and Forest Blizzard (Strontium), have used compromised EdgeRouters globally to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools.


View the full advisory:


https://media.defense.gov/2024/Feb/27/2003400753/-1/-1/0/CSA-RUSSIAN-ACTORS-USE-ROUTERS-FACILITATE-CYBER_OPERATIONS.PDF


https://www.ic3.gov/Media/News/2024/240227.pdf


Service Notes:

This email message is a component of the AlertsUSA Homeland Security Threat and Incident Notification Service for mobile devices. You have paid for this service and are encouraged to archive these messages.


Service Issues? Let Us Know:

service@AlertsUSA.com


Discount Subscription (share w/ friends):

https://AlertsUSA.com/pages/ausab7


Threat Journal Weekly Newsletter:

https://ThreatJournal.com 


Connect With Us On Social Media:

Twitter: https://twitter.com/AlertsUSA

Twitter: https://twitter.com/ThreatJournal

Facebook: https://www.facebook.com/AlertsUSA

AlertsUSA

Homeland Security Threat and Incident
Notification via Your Mobile Device