UK TimesUK Times
  • Home
  • News
  • TV & Showbiz
  • Money
  • Health
  • Science
  • Sports
  • Travel
  • More
    • Web Stories
    • Trending
    • Press Release
What's Hot
One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

2 July 2026
French Open champion Mirra Andreeva hurls her racquet and yells ‘I QUIT’ after being knocked out of Wimbledon in the second round by 2024 winner Barbora Krejcikova

French Open champion Mirra Andreeva hurls her racquet and yells ‘I QUIT’ after being knocked out of Wimbledon in the second round by 2024 winner Barbora Krejcikova

2 July 2026
Russian attack on Ukraine shakes Kyiv for hours – UK Times

Russian attack on Ukraine shakes Kyiv for hours – UK Times

2 July 2026
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
UK TimesUK Times
Subscribe
  • Home
  • News
  • TV & Showbiz
  • Money
  • Health
  • Science
  • Sports
  • Travel
  • More
    • Web Stories
    • Trending
    • Press Release
UK TimesUK Times
Home » APT28 exploit routers to enable DNS hijacking operations | National Cyber Security Centre
News

APT28 exploit routers to enable DNS hijacking operations | National Cyber Security Centre

By uk-times.com12 April 2026No Comments2 Mins Read
Facebook Twitter LinkedIn Telegram Pinterest Tumblr Reddit WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Email

The AitM activity could be conducted against both user browser sessions and desktop applications. Harvested authentication material could include both passwords and OAuth or similar authentication tokens. Subsequent malicious logins using this stolen data may originate from further infrastructure not listed in this advisory.

It is believed that the DNS hijacking operations are opportunistic in nature, with the actor gaining visibility of a large pool of candidate target users then filtering down users at each stage in the exploitation chain to triage for victims of likely intelligence value.

TP-Link router exploitation

One of the router models that APT28 exploited for their DNS poisoning operations was the TP-Link WR841N, likely using CVE-2023-50224 [T1584.008, T1588.006]. This vulnerability enables an unauthenticated attacker to obtain information such as password credentials via specially crafted HTTP GET requests.

Having obtained the credentials for a router, the actor was then able to send a second specially crafted HTTP GET request to alter the DHCP DNS settings of that router.

The GET request would typically set the router’s primary DNS server to a malicious IP address, whilst also setting the secondary DNS server to the original primary DNS server’s IP address. On occasion both the primary and secondary DNS server had been set to malicious IP addresses, indicating that a router had likely been exploited multiple times.

Other TP-Link router models were also targeted by APT28 to enable their DNS hijacking operations.  A list can be found in the Indicators of Compromise section.
 

Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email

Related News

One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

2 July 2026
Russian attack on Ukraine shakes Kyiv for hours – UK Times

Russian attack on Ukraine shakes Kyiv for hours – UK Times

2 July 2026
Taylor Swift and Travis Kelce invite Knicks heroes to MSG wedding: report – UK Times

Taylor Swift and Travis Kelce invite Knicks heroes to MSG wedding: report – UK Times

2 July 2026
China’s Inner Mongolia bets on solar and wind but coal stays close – UK Times

China’s Inner Mongolia bets on solar and wind but coal stays close – UK Times

2 July 2026
Former NBA star Malik Beasley pleads not guilty in gambling scandal – UK Times

Former NBA star Malik Beasley pleads not guilty in gambling scandal – UK Times

2 July 2026
Tropical storm Douglas forms in Pacific Ocean, no threat to land, hurricane center says – UK Times

Tropical storm Douglas forms in Pacific Ocean, no threat to land, hurricane center says – UK Times

2 July 2026
Top News
One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times

2 July 2026
French Open champion Mirra Andreeva hurls her racquet and yells ‘I QUIT’ after being knocked out of Wimbledon in the second round by 2024 winner Barbora Krejcikova

French Open champion Mirra Andreeva hurls her racquet and yells ‘I QUIT’ after being knocked out of Wimbledon in the second round by 2024 winner Barbora Krejcikova

2 July 2026
Russian attack on Ukraine shakes Kyiv for hours – UK Times

Russian attack on Ukraine shakes Kyiv for hours – UK Times

2 July 2026

Subscribe to Updates

Get the latest UK news and updates directly to your inbox.

Recent Posts

  • One rule for Messi, another for Balogun? USA striker sees red in World Cup after controversial VAR call – UK Times
  • French Open champion Mirra Andreeva hurls her racquet and yells ‘I QUIT’ after being knocked out of Wimbledon in the second round by 2024 winner Barbora Krejcikova
  • Russian attack on Ukraine shakes Kyiv for hours – UK Times
  • Taylor Swift and Travis Kelce invite Knicks heroes to MSG wedding: report – UK Times
  • Aryna Sabalenka begs Wimbledon to allow players to bring dogs on site – after the French Open provided a ‘dog concierge’ to look after pets

Recent Comments

No comments to show.
© 2026 UK Times. All Rights Reserved.
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact Us

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version