Russian APT Abuses IoT Devices to Infiltrate Corporate Targets
Microsoft researchers have detected a new attack campaign by the Russian-linked hacking group Fancy Bear (aka APT28 or STRONTIUM) that targets corporate networks by compromising vulnerable Internet-of-things (IoT) devices.
The targeted devices include VOIP phones, office printers, and video decoders. Hackers are taking advantage of devices that use default passwords or contain known vulnerabilities in order to gain a foothold on company networks. Once this has been achieved, the attackers target other devices on the network with the aim of compromising “higher-privileged accounts that would grant access to higher-value data.”