Russian government hackers broke into thousands of home routers to steal passwords
2026-4-7 17:19:8 Author: techcrunch.com

A group of Russian government hackers has hijacked thousands of home and small business routers around the world as part of an ongoing campaign aimed at redirecting victims’ internet traffic to steal their passwords and access tokens, security researchers and government authorities warned on Tuesday.

This is the latest tactic by the long-running Russian hacking group known as Fancy Bear, or APT 28, known for its high-profile hacks and spying operations, including the breach of the Democratic National Committee in 2016 and the destructive hack that hit satellite provider Viasat in 2022. Fancy Bear is widely believed to be part of Russia’s intelligence agency GRU.

The hacking group targeted unpatched routers made by MikroTik and TP-Link using previously disclosed vulnerabilities, according to the U.K. government’s cybersecurity unit NCSC and Lumen’s research arm Black Lotus Labs, which released new details of the campaign Tuesday.

According to the researchers, the hackers were able to spy on large numbers of people over the course of several years by compromising their routers, many of which run outdated software, leaving them vulnerable to remote attacks without their owners’ knowledge. 

The NCSC said that these operations are “likely opportunistic in nature, with the actor casting a wide net to reach many potential victims, before narrowing in on targets of intelligence interest as the attack develops.” 

Per the researchers and government advisories, the Russian hackers broke into routers to modify the devices’ settings so that victims’ internet requests are surreptitiously passed to infrastructure run by the hackers. This allows the hackers to redirect victims to spoofed websites under their control, then steal passwords and tokens that let the hackers log in to those victims’ online accounts without needing their two-factor authentication codes.

Black Lotus Labs said that Fancy Bear compromised at least 18,000 victims in around 120 countries, including government departments, law enforcement agencies, and email providers across North Africa, Central America, and Southeast Asia.

Microsoft, which also released details of the campaign on Tuesday, said in a blog post that its researchers identified over 200 organizations and 5,000 consumer devices affected by these hacking operations, including at least three government organizations in Africa. 

The FBI is expected to announce the takedown of several domains used in this campaign by the hackers. Lumen said it was part of a coalition, including the FBI, that disrupted the botnet and took it offline.

A spokesperson for the FBI did not respond to requests for comment prior to publication.

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

Article source: https://techcrunch.com/2026/04/07/russian-government-hackers-broke-into-thousands-of-home-routers-to-steal-passwords/