Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

International law enforcement, in collaboration with private sector entities, has successfully disrupted the FrostArmada operation, an APT28 campaign targeting MikroTik and TP-Link routers. The campaign was focused on hijacking DNS traffic to extract Microsoft 365 login credentials. This operation underscores the ongoing threat posed by advanced persistent threats in the cyber domain.

This briefing snippet has been strictly truncated for global aggregation. Operators must securely establish a dedicated intelligence uplink below to access the full operational report exactly as authored by the origin network.