惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
T
The Blog of Author Tim Ferriss
S
SegmentFault 最新的问题
D
DataBreaches.Net
博客园_首页
罗磊的独立博客
B
Blog
T
Threat Research - Cisco Blogs
C
Cisco Blogs
GbyAI
GbyAI
Engineering at Meta
Engineering at Meta
WordPress大学
WordPress大学
G
GRAHAM CLULEY
H
Help Net Security
酷 壳 – CoolShell
酷 壳 – CoolShell
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
爱范儿
爱范儿
SecWiki News
SecWiki News
T
Threatpost
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Schneier on Security
Schneier on Security
T
The Exploit Database - CXSecurity.com
Google Online Security Blog
Google Online Security Blog
T
Tor Project blog
小众软件
小众软件
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Y
Y Combinator Blog
H
Hacker News: Front Page
V
V2EX
Security Latest
Security Latest
Cloudbric
Cloudbric
Simon Willison's Weblog
Simon Willison's Weblog
Attack and Defense Labs
Attack and Defense Labs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
P
Proofpoint News Feed
博客园 - 三生石上(FineUI控件)
NISL@THU
NISL@THU
S
Secure Thoughts
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
V2EX - 技术
V2EX - 技术
Vercel News
Vercel News
P
Palo Alto Networks Blog
IT之家
IT之家
MyScale Blog
MyScale Blog
有赞技术团队
有赞技术团队
Application and Cybersecurity Blog
Application and Cybersecurity Blog
D
Docker
Google DeepMind News
Google DeepMind News
Webroot Blog
Webroot Blog

CNET

Netflix: 29 of the Best Sci-Fi TV Shows You Should Stream Right Now Wait! Don't Buy the Galaxy S26 Ultra. This Cheaper Phone Is Just as Good Best Streaming Services of 2026 42 of the Best Movies on Netflix You Should Stream Now Best Live TV Streaming Services of 2026 7 of the Best A24 Movies You Can Stream Free on Your Next Movie Night Hisense's Colorful RGB TV, the UR8, Hits Shelves From $1,300 60 of the Best TV Shows on Netflix That Will Keep You Entertained Best Senior Phone Plans of 2026 Apple Should Steal These Android Camera Tricks for the iPhone 18 Pro Get the Best Deals Handpicked and Texted to You Prime Video: 23 of the Best Sci-Fi TV Shows You Need to Stream Right Now Prime Video: 11 of the Best Sci-Fi Movies You Should Stream Right Now AI Chatbot Pricing Comparison: Here's What You Get When You Pay Best TVs for 2026: Expert Tested and Reviewed Apple TV: 28 of the Best Shows You're Probably Not Watching YouTube TV vs. DirecTV vs. Hulu Live and More: Which Has the Most Must-Have Channels Out of 100? Amazon Support for Older Kindles Ends Today. What to Do Now Best MacBooks We’ve Tested (May 2026) After Brewing 17 Bags of Grocery Store Coffee, These Are the 5 Beans I'd Buy Again I Was Shocked by How Good These Budget TVs Were Best Laptops of 2026: Top Picks Tested by CNET Netflix: 24 Fantasy TV Shows You Should Absolutely Stream Right Now AI Is Watching Your Every Move on the Road. These State Laws Are Pushing Back Trump Phone Looks Different, Has No Launch Date, Isn't Made in America Best T-Mobile Plans: How to Choose and Which Ones to Pick in 2026 Apple TV's 16 Best Sci-Fi Shows You Should Stream Right Now The Apple Watch Series 12 Is Rumored to Revive a Retired iPhone Feature Does Tech Actually Suck Now or Have I Just Become a Grumpy Old Man? I've Tested Dozens of 3D Printers and These Are the Best for Everyone Best Cellphone Plans of 2026: Our Top Picks Best Family Phone Plans for 2026 Best Prepaid Phone Plans for 2026 I Resurrected My Favorite Childhood Games Using Gemini Vibe Coding Best VR Headsets of 2026: My Favorite Hardware Right Now Verizon's Streaming Deals Let You Watch Netflix, Disney Plus and More, for Less Motorola's $150 Moto Watch Fell Short of Its Fitness Promises in My Tests Best Home Theater Systems of 2026 Motorola's Razr Is Days Away From Its iPhone Moment Play One of the Best Games of 2025 Right Now on Xbox Game Pass Motorola Razr 2026 Rumor Roundup: Everything We Know About The New Razr Flip Phones Need to Scan Your Tax Documents Before Deadline? Use Your iPhone's Hidden Scanner Samsung Galaxy S26 vs. Google Pixel 10: How Each Flagship Phone Compares Premier League Soccer 2026: Watch Chelsea vs. Man City Live 5G From the Sky: New Internet Infrastructure Takes Flight I Think the RedMagic 11 Air's Best Feature Is Its Price for the Hardware Best Unlimited Data Plans for 2026 Double Dazzle: The First of April's Two Meteor Showers Is About to Begin Signs It’s Time to Tune Up Your Treadmill, Exercise Bike and Rowing Machine iOS 26.4.1 Isn't a Big Update, but You Should Download It Anyway Today's NYT Strands Hints, Answers and Help for April 12 #770 Today's NYT Connections Hints, Answers and Help for April 12, #1036 Today's Wordle Hints, Answer and Help for April 12, #1758 Today's NYT Mini Crossword Answers for Sunday, April 12 Today's NYT Connections: Sports Edition Hints and Answers for April 12, #566 A Trio of Stars: The Spring Triangle Is Here. How to See It Watch a Robot Stuff Cash Into a Wallet Just Like You Do This Animation Startup Wants to Make It Easier to Tell Open-Ended Stories The 9 Best Places to Buy Reading Glasses Online (Zero Prescription Required) The 23 Best Graduation Gifts for 2026 Grand National 2026 Livestream: How to Watch Aintree Horse Racing From Anywhere Amazon Luna to Drop Support for Third-Party Games and Subscriptions in June YouTube Premium Is the Latest Streaming Service to Hike Prices Today's NYT Mini Crossword Answers for Saturday, April 11 Elden Ring: Tarnished Edition for Switch 2 Reignites Controversy Over Game-Key Cards Artemis II Astronauts Are Home Safe Comcast Adds New StreamSaver Bundles: HBO Max, Disney Plus, Hulu Now Part of the Lineup Samsung's Galaxy Z Fold 7 Just Got a Price Hike, 9 Months After Its Release Microsoft Is Scrubbing the Copilot Name From Some Windows 11 Apps 'I'm Alarmed': Senator Opens Inquiry Into the Ways Tech Companies Report Suspected Child Abuse These $299 Glasses Are Like an HDR TV on Your Face Today's NYT Connections: Sports Edition Hints and Answers for April 11, #565 After a Lifetime of Gas, I Switched to an Induction Stove. I'm Never Going Back How to Make Sure Your Private Signal Messages Aren't Still Lurking on Your Phone Apple AirPods Max 2 Review: Seemingly Small Changes Make a Substantial Difference Today's NYT Connections Hints, Answers and Help for April 11, #1035 Today's NYT Strands Hints, Answers and Help for April 11 #769 Today's Wordle Hints, Answer and Help for April 11, #1757 Encrypted Emails Are Now Available for Some Gmail Phone App Enterprise Customers Tyson Fury vs. Arslanbek Makhmudov Fight: When to Watch the Action on Netflix It Can Happen: I Turned My iPhone 17 Pro From Cosmic Orange to Pink The Many Times Apple Products Left Earth Best AI Video Generators of 2026, Reviewed and Ranked Over Half of Us Have Faced Possible Malware, Yet Some Are Ignoring Cybercriminals Best Laptop for College Students: Top Laptops for School in 2026 Want a New iPhone or Android Phone? Read This Before You Buy I've Tested Phones for 14 Years and These Are the Most Bizarre I've Seen Best Streaming Services for Kids in 2026 Best Budget Earbuds for 2026: Cheap Wireless Picks Best Bluetooth Speakers of 2026 Best Open Earbuds for 2026 The 26 Best Gaming Gifts of 2026 Best 3D Printing Filament and Which to Buy in 2026 Best Printer for Your Home or Office in 2026: Tested by Our Experts Best Wireless Bluetooth Boom Boxes for 2026 The 25 Best PS5 Games Right Now Best Headsets for Working From Home in 2026, According to CNET's Audio Expert Trust Me: All Photographers Need These 3 Types of Cameras Best Gaming Chair for 2026 I Tested the iPhone 17 Pro Max. It's Part Midlife Crisis and Part Battery-Life King
Russia's Military Hackers Targeted Home Routers Across 23 States. Here's What to Do
Joe Supan · 2026-06-02 · via CNET

Federal agencies disrupted the attack but were direct about what comes next. These five router security steps are the responsibility of individual owners.

Headshot of Joe Supan

Joe Supan is a senior writer for CNET covering home technology, broadband, and moving. Prior to joining CNET, Joe led MyMove's moving coverage and reported on broadband policy, the digital divide, and privacy issues for the broadband marketplace Allconnect. He has been featured as a guest columnist on Broadband Breakfast, and his work has been referenced by the Los Angeles Times, Forbes, National Geographic, Yahoo! Finance and more.

For years, a unit of Russia's military intelligence agency quietly turned ordinary home routers into tools of espionage. The GRU group known as APT28, the same outfit behind the 2016 DNC hack and a string of attacks on NATO targets, exploited unpatched firmware and unchanged default passwords to compromise thousands of devices across 23 US states, redirecting internet traffic through servers under Russian control and harvesting credentials along the way. Federal agents disrupted the operation in April under a court order. What they couldn't do from a distance was fix the underlying vulnerabilities. That requires five steps from you.

The attack targeted small-office/home-office routers, also known as SOHO routers, and was carried out by a unit in the Russian military intelligence agency, the GRU. Government agencies are urging people to follow basic router hygiene steps, such as updating to the latest firmware and changing default login credentials. The UK's National Cyber Security Centre includes a number of TP-Link routers specifically targeted by the hackers.

While that news sounds pretty alarming, it's worth keeping in mind that the attack compromised enterprise routers specifically, so your home Wi-Fi router likely isn't at risk. That said, some of the affected routers can be used as standard home routers, so it's worth checking whether your model was exploited in the attack.

"There is a big trend of exploiting routers these days, and that goes both for the consumer and enterprise or corporate routers," Daniel Dos Santos, vice president of research at the cybersecurity company Forescout, told CNET.

What type of attack is this?

A news release from the NSA notes that the attack indiscriminately targeted a wide pool of routers, with the goal of gathering information on "military, government, and critical infrastructure."

This attack is linked to threat actors within the Russian GRU -- which go by APT28, Fancy Bear, Forest Blizzard and other names -- and has been ongoing since at least 2024, according to the FBI. 

It's known as a Domain Name System hijacking operation, in which DNS requests are intercepted by changing the default network configurations on SOHO routers, allowing the actors to see a user's traffic unencrypted. 

"For nation-state actors like Forest Blizzard, DNS hijacking enables persistent, passive visibility and reconnaissance at scale," says a Microsoft Threat Intelligence report on the attack. 

Microsoft identified more than 200 organizations and 5,000 consumer devices impacted by the GRU's attack. 

Which routers were affected?

The FBI's announcement refers to one router specifically, the TP-Link TL-WR841N, a Wi-Fi 4 model that was originally released in 2007. The UK's National Cyber Security Centre lists 23 TP-Link models that were targeted, but notes that it is likely not exhaustive.

Here is the list of affected devices:

  • TP-Link LTE Wireless N Router MR6400
  • TP-Link Wireless Dual Band Gigabit Router Archer C5
  • TP-Link Wireless Dual Band Gigabit Router Archer C7
  • TP-Link Wireless Dual Band Gigabit Router WDR3600
  • TP-Link Wireless Dual Band Gigabit Router WDR4300
  • TP-Link Wireless Dual Band Router WDR3500
  • TP-Link Wireless Lite N Router WR740N
  • TP-Link Wireless Lite N Router WR740N/WR741ND
  • TP-Link Wireless Lite N Router WR749N
  • TP-Link Wireless N 3G/4G Router MR3420
  • TP-Link Wireless N Access Point WA801ND
  • TP-Link Wireless N Access Point WA901ND
  • TP-Link Wireless N Gigabit Router WR1043ND
  • TP-Link Wireless N Gigabit Router WR1045ND
  • TP-Link Wireless N Router WR840N
  • TP-Link Wireless N Router WR841HP
  • TP-Link Wireless N Router WR841N
  • TP-Link Wireless N Router WR841N/WR841ND
  • TP-Link Wireless N Router WR842N
  • TP-Link Wireless N Router WR842ND
  • TP-Link Wireless N Router WR845N
  • TP-Link Wireless N Router WR941ND
  • TP-Link Wireless N Router WR945N

A TP-Link Systems spokesperson told CNET in a statement that the affected models all reached End of Service and Life status several years ago.

"While these products are outside our standard maintenance lifecycle, TP‑Link has developed security updates for select legacy models where technically feasible," the spokesperson said. 

TP-Link is urging people with these outdated routers to upgrade to a newer device if possible. You can find a list of available security patches on its security advisory page addressing the recent attack. 

How to keep your router safe

The NSA referred organizations to a list of best practices for securing your home network. The most important thing you can do if you're using one of the impacted devices is to upgrade your router as soon as possible. It likely hasn't received firmware updates in years, which is like leaving the door to your network unlocked. 

"The longer you carry on doing that, the greater the risk," said Rik Ferguson, vice president of security intelligence at Forescout. "The router sits in such a privileged position within any network. All of your communication, all of your traffic, has to pass through that device."

In addition to using a newer device that's still getting security updates, there are a few other steps you can take to lock down your network: 

  • Update your firmware regularly: Many networking devices allow you to enable automatic firmware updates in the settings. If this is an option, I'd highly recommend doing it. If it's not, you can find updates for your router by logging into its web interface or using its app.
  • Reboot your router: The NSA's guidance recommends rebooting your router, smartphone and computers at least once a week. "Regular reboots help to remove implants and ensure security," the agency says. 
  • Change default usernames and passwords: One of the most common ways hackers gain access is by trying default, manufacturer-set login credentials. "There's a whole underground economy that underlies all of that," says Ferguson. "Basically, they just harvest credentials, either through attacks of their own, or by stockpiling them from other sources and buying them." This username and password combination is different from your Wi-Fi login, which should also be changed every six months or so. The longer and more random your password, the better
  • Disable remote management: Most regular users don't need to remotely manage their Wi-Fi router, and this is one of the primary ways threat actors can change your router's settings without your knowledge. You can typically find this option in your router's admin settings
  • Use a VPN: The FBI's announcement on the attack specifically recommends that organizations with remote workers use a VPN when accessing sensitive data. These services encrypt your traffic as it passes through a remote server, keeping it safe from hackers.

Internet Providers by City

Internet Providers and Services

Helpful Internet Resources

Headshot of Joe Supan

Joe Supan is a senior writer for CNET covering home technology, broadband, and moving. Prior to joining CNET, Joe led MyMove's moving coverage and reported on broadband policy, the digital divide, and privacy issues for the broadband marketplace Allconnect. He has been featured as a guest columnist on Broadband Breakfast, and his work has been referenced by the Los Angeles Times, Forbes, National Geographic, Yahoo! Finance and more.