US Disrupts Russian DNS Hijacking Network in Global Cyber Operation
The United States Justice Department announced that it has successfully disrupted a large scale DNS hijacking network linked to a Russian military intelligence unit. The operation, carried out under court authorisation, targeted infrastructure used to conduct cyber espionage against global victims.
According to officials, the network was operated by a unit within Russia’s Main Intelligence Directorate of the General Staff. This group allegedly used compromised routers to execute hijacking campaigns affecting individuals and organisations worldwide. Targets included sectors such as government, military, and critical infrastructure, highlighting the broad scope of the operation.
Thousands Of Routers Exploited Worldwide
Authorities revealed that the campaign involved the compromise of thousands of routers across multiple regions. These devices were used to redirect internet traffic, allowing attackers to monitor and filter data flows. As a result, the hackers could identify high value targets with precision.
Once targets were selected, the attackers intercepted unencrypted network traffic. This enabled them to collect sensitive information, including passwords, authentication tokens, and email communications. Consequently, the operation posed a significant threat to both personal and institutional security.
In response, the Federal Bureau of Investigation identified affected routers within the United States. Investigators gathered evidence of the intrusion, severed unauthorised access, and restored the devices to normal functionality. This intervention formed a critical component of the broader disruption effort.
Operation Masquerade And International Cooperation
The takedown effort, known as Operation Masquerade, involved collaboration with partners across 15 countries. This coordinated approach allowed authorities to dismantle key elements of the network and prevent further exploitation.
Officials emphasised that without intervention, the attackers would have continued intercepting data and extracting sensitive information. The operation therefore marked a decisive step in countering ongoing cyber threats linked to Russian intelligence activities.
At the same time, agencies in Germany and Britain issued warnings regarding the campaign. These advisories underscored the widespread nature of the threat and the need for heightened vigilance across affected regions.
Ongoing Threat From Advanced Cyber Campaigns
Further analysis from cybersecurity firms indicated that the operation impacted hundreds of organisations and thousands of consumer devices. The targets spanned multiple continents, including North America, Europe, and parts of Asia and Africa.
Researchers noted that government institutions, law enforcement bodies, and email service providers were among the primary targets. This focus reflects a strategic effort to access sensitive communications and intelligence.
The disruption highlights the persistent nature of state backed cyber operations. Despite the success of this intervention, officials warn that such threats remain ongoing and continue to evolve. As a result, international cooperation and proactive defence measures remain essential in addressing future cyber risks.
With inputs from Reuters