{"id":4539,"date":"2026-04-07T23:44:07","date_gmt":"2026-04-07T23:44:07","guid":{"rendered":"https:\/\/www.europesays.com\/russia\/4539\/"},"modified":"2026-04-07T23:44:07","modified_gmt":"2026-04-07T23:44:07","slug":"us-disrupts-russian-military-run-dns-hijacking-network-justice-department-says","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/russia\/4539\/","title":{"rendered":"US Disrupts Russian Military-Run DNS Hijacking Network, Justice Department Says"},"content":{"rendered":"<p>WASHINGTON, April 7 (Reuters) &#8211; The U.S. Justice Department said on \u2060Tuesday \u2060it carried out a court-authorized \u2060disruption of a DNS hijacking network controlled by a Russian military intelligence \u200bunit.<\/p>\n<p>The network was operated by Russia&#8217;s Main Intelligence Directorate of the General Staff (GRU) Military Unit 26165, the \u200cdepartment said in a statement.<\/p>\n<p>It added \u200cthe GRU used routers to facilitate hijacking operations against worldwide targets, including individuals in military, \u2060government and \u2060critical infrastructure sectors.\u00a0<\/p>\n<p>The efforts targeted thousands of routers worldwide and enabled the \u200bRussian hackers to filter traffic to identify specific targets, according to the Justice Department.<\/p>\n<p>Once targets were identified, targets&#8217; unencrypted network traffic was captured, providing the hackers with passwords, authentication tokens, emails and other sensitive information, it \u200badded.<\/p>\n<p>&#8220;GRU actors compromised routers in the U.S. and around the world, hijacking them to conduct \u2060espionage. \u2060Given the scale of this \u2060threat, sounding \u200bthe alarm wasn&#8217;t enough,&#8221; said Brett Leatherman, the assistant director of the FBI\u2019s Cyber Division.<\/p>\n<p>The FBI \u200bidentified compromised routers in \u2060the U.S., collected evidence of Russian targeting, cut off GRU access, and reset them to normal functionality, the Justice Department said in its statement.<\/p>\n<p>In a post on social media platform X, Leatherman said the takedown effort, dubbed &#8220;Operation Masquerade,&#8221; included partners in 15 countries.\u00a0<\/p>\n<p>Without action, &#8220;the GRU would have continued intercepting \u2060encrypted traffic and stealing sensitive information,&#8221; he said, adding, &#8220;Russia&#8217;s cyber program is an enduring \u2060threat.&#8221;\u00a0<\/p>\n<p>Officials in Germany and Britain also issued advisories about the hacking campaign on Tuesday.\u00a0<\/p>\n<p>The Russian Embassy in Washington did not respond to requests for comment.\u00a0<\/p>\n<p>The operation is the latest example of intelligence collection carried out by the Russian military intelligence hacking unit, Microsoft said in a blog post released ahead of the Justice Department&#8217;s statement. Microsoft identified more than 200\u00a0organizations and 5,000 consumer devices impacted by the hacking operation, the company said.<\/p>\n<p>Lumen Technologies&#8217; Black Lotus Labs, which identified part of the botnet infrastructure last year, said \u2060in a blog post that the operations primarily targeted government agencies, including ministries of foreign affairs, law enforcement and third-party email providers.<\/p>\n<p>The researchers did not identify specific targets, but said their analysis revealed targets in the U.S., Europe, Afghanistan, North Africa, Central America \u200band Southeast Asia.<\/p>\n<p>(Reporting by Jasper Ward in Washington and AJ Vicens in \u200bDetroit; Editing by Daphne Psaledakis and Jamie Freed)<\/p>\n<p>Copyright 2026 Thomson Reuters.<\/p>\n<p>Photos You Should See \u2013 April 2026<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.europesays.com\/russia\/wp-content\/uploads\/2026\/04\/1775605447_422_pyss-april26-04.jpg\" alt=\"NASA's Artemis II moon rocket lifts off from the Kennedy Space Center's Launch Pad 39-B Wednesday, April 1, 2026, in Cape Canaveral, Fla. (AP Photo\/Chris O'Meara)\" class=\"Image__PictureImage-sc-412cjc-1 bBgODV Image-sc-412cjc-2 SlideshowEmbed__Picture-fkpjfn-0 kQDDcT bUlaJL\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"WASHINGTON, April 7 (Reuters) &#8211; The U.S. Justice Department said on \u2060Tuesday \u2060it carried out a court-authorized \u2060disruption&hellip;\n","protected":false},"author":2,"featured_media":4540,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[515,106,1876,214,158,5,58,173],"class_list":{"0":"post-4539","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-russia","8":"tag-collections-world","9":"tag-crime","10":"tag-cybersecurity","11":"tag-europe","12":"tag-reuters","13":"tag-russia","14":"tag-united-states","15":"tag-world-news"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/posts\/4539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/comments?post=4539"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/posts\/4539\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/media\/4540"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/media?parent=4539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/categories?post=4539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/russia\/wp-json\/wp\/v2\/tags?post=4539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}