cybercrime.clubhttps://cybercrime.club/tags/soho-routers/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usWed, 08 Apr 2026 14:09:06 -0400APT28's FrostArmada Hijacked 18,000 SOHO Routers to Steal Microsoft 365 Credentials — FBI Disrupts Operationhttps://cybercrime.club/posts/apt28-frostarmada-soho-router-dns-hijack-microsoft-365/Wed, 08 Apr 2026 14:09:06 -0400https://cybercrime.club/posts/apt28-frostarmada-soho-router-dns-hijack-microsoft-365/Russia-linked APT28 compromised 18,000 MikroTik and TP-Link routers across 120 countries to hijack DNS and steal Microsoft 365 OAuth tokens. FBI disrupts the operation.threat-intelligence