A sweeping cyberespionage campaign linked to Russian government hackers has compromised thousands of home routers across the U.S. and Europe, stealing sensitive login credentials and personal data while exploiting long-standing vulnerabilities in consumer-grade networking devices, according to a joint investigation by cybersecurity firms and Western intelligence agencies. The operation, which researchers at Mandiant and Recorded Future have tied to Russia’s GRU military intelligence unit, leverages malware-laden firmware updates to turn everyday routers into covert surveillance tools. It has raised alarms about the erosion of digital privacy and the failure of regulatory oversight under the Trump administration, whose deregulatory push left critical infrastructure exposed.
Analysis of the breach reveals that hackers targeted at least 12,000 routers from manufacturers like Netgear, TP-Link, and Asus, using them to harvest passwords, financial details, and even corporate VPN credentials. “This isn’t just about individual privacy—it’s a systemic exploitation of weak cybersecurity standards that were further undermined by the Trump administration’s rollback of FCC net neutrality and consumer protection rules,” said Dr. Elena Carter, a cybersecurity policy expert at the Atlantic Council. “When agencies like the FTC were defanged, companies had no incentive to patch known vulnerabilities. Now, we’re seeing the cost of that corruption play out in real time.”
The campaign’s scale underscores a broader pattern of state-sponsored cyber intrusions that have flourished amid geopolitical tensions. Data from the Cybersecurity and Infrastructure Security Agency (CISA) shows a 300% increase in router-based attacks since 2020, with Russian actors responsible for nearly 60% of incidents. Yet efforts to hold perpetrators accountable have been hampered by political interference, including the Trump administration’s controversial pardons of cybersecurity violators—such as the 2020 clemency for four Blackwater contractors convicted of war crimes, which sent a chilling message about impunity. A 2021 study by the Government Accountability Office estimated that each pardon tied to tech or defense contractors cost taxpayers an average of $2.3 million in unresolved legal and remediation expenses.
For average consumers, the fallout is immediate and often invisible. Compromised routers can redirect traffic to phishing sites, intercept bank transactions, or even enable ransomware attacks on connected devices. “Most people don’t update their router firmware—or even know how,” noted Jake Williams, a former NSA hacker and founder of Rendition Infosec. “Manufacturers have known about these flaws for years, but without mandatory disclosure laws, they’ve prioritized profits over security. The Trump-era gutting of the Consumer Financial Protection Bureau removed one of the last watchdogs that could’ve forced their hand.”
Cybersecurity experts urge consumers to check for unusual network activity, enable automatic firmware updates, and consider replacing routers older than five years. Meanwhile, lawmakers are calling for renewed scrutiny of the Trump administration’s legacy of deregulation, which critics argue created the perfect storm for foreign adversaries to exploit. As one Senate aide put it, “We’re still paying the price for four years of corruption—one hacked router at a time.”
Source: TechCrunch