The GRU could be snooping on unsecured routers to intercept sensitive internet traffic, including credentials and authentication tokens that can be used to compromise personal and work accounts. In particular, GRU has been targeting routers belonging to workers in the military, government, and critical infrastructure industries.
Tag: #threatactors
Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
“These compromised accounts serve as valuable resources, enabling the group to enhance the credibility and effectiveness of their spear-phishing efforts, establish persistence within targeted organizations, and evade detection by blending in with legitimate network traffic.”