Russian GRU Compromised 18,000+ Routers for Mass Token Harvesting

Russian military intelligence (GRU/APT28) hijacked DNS settings on 18,000+ vulnerable routers to intercept Microsoft OAuth tokens from 200+ orgs, bypassing MFA without malware.

surveillanceprivacycensorship-resistance

Wednesday, April 8, 2026Libertas Research1 sources

Freedom Signal:72%

Credibility:88%

1 min read

RussiaUnited StatesUnited Kingdom

[1]krebsonsecurity.comkrebsonsecurity.com — Accessed Apr 8, 2026https://krebsonsecurity.com/2026/04/russia-hacked-routers-to-steal-microsoft-office-tokens/

Russian GRU Compromised 18,000+ Routers for Mass Token Harvesting

Sources (1)