Cyber specialists from Estonia’s Internal Security Service (KaPo) have uncovered and stopped a large-scale espionage operation by Russian hackers targeting Estonian internet users through compromised routers, the agency reported, as reported by KaPo press service.
The agency noted that neutralizing the threat was the result of close cooperation with international partners. The operation dealt a significant blow to the infrastructure of the APT 28 group, which is linked to Russian military intelligence (GRU).
During the investigation, it was established that the attackers exploited vulnerabilities in network equipment to conduct covert surveillance and collect data.
Estonian security services not only identified these channels but also fully eliminated the security gaps in the affected devices, completely cutting off the hackers’ access to citizens’ personal and corporate information. KaPo emphasized that their actions represent a significant contribution to global deterrence of the GRU unit responsible for numerous cyberattacks worldwide.
The Estonian side also highlighted a warning from the U.S. FBI, which detailed this espionage method. Russian hackers from APT 28 have for years used home and office routers to create botnets and conduct intelligence operations, attempting to remain undetected by standard monitoring systems.
