GRU
Coverage of GRU in the Nexus archive.
- FBI says Russian hackers hijacked old Wi-Fi routers
The FBI and Justice Department warned that Russian hackers linked to the GRU exploited vulnerabilities in outdated SOHO routers to conduct espionage by altering DNS settings and intercepting traffic. The hackers redirected internet requests through their servers to steal sensitive data, and authorities disrupted the U.S. portion of the network in April.
- Russian Active Measures, And More Dirty Tricks: Expect Russia to Escalate Its Attacks on our Democracies
The article discusses Russia's historical use of 'active measures' to disrupt democracies, highlighting recent operations in Europe targeting ethnic minorities through defacement and divisive tactics. It notes the evolution of these strategies with AI and cognitive warfare, emphasizing the role of Russian intelligence agencies like the SVR, GRU, and FSB in undermining Western political systems.
- From Terror Networks to Hybrid Threats: A Partner Approach to a Growing Threat
The article draws parallels between current European hybrid threats and post-9/11 terrorism, urging adaptation of counterterrorism cooperation models. It highlights Russia and Iran's use of proxies and digital platforms to recruit individuals for sabotage and assassination plots, which align with the FBI's definition of international terrorism. The U.S. counterterrorism strategy acknowledges collaboration with European partners to address these covert state actions.
- Kremlin appoints cyber executive with alleged GRU ties to Security Council role
Andrei Kozlov, a former cybersecurity center head at Rostec, was appointed as an aide to Security Council Secretary Sergei Shoigu. He has alleged ties to Russia's GRU military intelligence agency.
- Thousands of consumer routers hacked by Russia's military
The Russian military, through the APT28 group linked to the GRU, has hacked 18,000 to 40,000 consumer routers in 120 countries. These routers were used to spy on government agencies and alter DNS settings for Microsoft's 365 service. Researchers from Lumen Technologies' Black Lotus Labs reported the breach.