Security authorities in Germany and the USA have shut down a global spy network run by the hacker group ATP 28. Governments, military, authorities and corporations were apparently spied on on behalf of Russia – including in Germany.
German security authorities have helped take down a Russian computer spy network in a US-led operation.
According to authorities, the hacker group APT 28 installed malware on hundreds of small routers in offices and private households on behalf of the Russian Military Intelligence Service (GRU).
defense of Constitution sees Russia behind hacker group
The network created in this way was used as a global cyber espionage platform, according to a statement from the US Federal Police Agency (FBI) and explanations from a spokesman for the Federal Ministry of the Interior.
“We know what instruments Putin’s criminal regime uses,” said Federal Interior Minister Nancy Faeser (SPD). “Our actions show how serious the threat posed by Russian cyber attacks is – but also how we are arming ourselves against these threats.” Affected devices could now no longer be misused for cyber espionage operations.
The hacker group APT 28 has been active worldwide since at least 2004. The Interior Ministry counts them among the most active and dangerous cyber actors in the world.
The Federal Office for the Protection of the Constitution attributes it to the Russian military intelligence service GRU. According to the FBI, the hackers used the malware to attack routers that used publicly known standard administrator passwords.
Attacks in Germany, EU and NATO countries
The German ministry spokesman said, citing the Office for the Protection of the Constitution, that the hacker group had also used the international infrastructure to attack German targets over the past two years. “The focus of the attacks was on information about Germany’s political-strategic orientation in connection with Russia and support deliveries of military goods for Ukraine.”
In addition, targets in other EU and NATO countries were also attacked. According to the FBI, the targets of the espionage activities were governments, military, security agencies and corporations in the USA and other countries.
“In this case, Russian secret services have turned to criminal gangs to help them,” the US statement continued. The owners of the affected devices were “very likely not the actual target of the attacks,” as the ministry spokesman further explained. The hackers used the devices to conceal their own attack structure.