Summary

Hackers associated with Russia's military intelligence are exploiting vulnerabilities in outdated Internet routers to steal authentication tokens from Microsoft Office users. This campaign has affected over 18,000 networks, allowing the hackers to collect tokens without deploying any malware.

Key Points

• Russian military intelligence hackers are involved in this campaign.
• The attack exploits known vulnerabilities in older Internet routers.
• Over 18,000 networks have been compromised.
• The hackers are targeting Microsoft Office authentication tokens.
• The campaign does not require the deployment of malicious software.

Analysis

This incident highlights the critical need for maintaining up-to-date hardware and software to protect against exploitation of known vulnerabilities. The scale of the attack, affecting over 18,000 networks, underscores the potential impact of such vulnerabilities when left unaddressed. The use of routers as a vector for token theft is particularly concerning, as it bypasses traditional malware defenses.

Conclusion

IT professionals should prioritize updating and patching network hardware, particularly older routers, to mitigate the risk of similar attacks. Regular audits of network security and authentication processes are also recommended to detect and prevent unauthorized access.