
GRU Compromises Home Routers in 23 States to Steal Outlook Credentials

ID: 5304689f-6ee7-5848-97cd-6d1811b6f92b

STIX ID: report--5304689f-6ee7-5848-97cd-6d1811b6f92b

Feed Name: ThreatCluster

Threat Score: 90/100

Date Published: 2026-05-22

Date Updated: 2026-05-22

...
...

The FBI and partners disrupted "Operation Masquerade," a GRU (APT28) campaign that exploited CVE-2023-50224 to hijack TP-Link and MikroTik routers across multiple countries, redirect Outlook web traffic to malicious login pages, and harvest credentials. The campaign impacted thousands of consumer devices (over 5,000 in 23 U.S. states and over 18,000 routers globally at peak) and targeted sensitive sectors. Authorities restored DNS settings and advised immediate firmware updates and credential changes.
