Russian APT28 Hacks Wi-Fi Networks in Espionage Campaign Using Nearest Neighbor Attack

Nov 24, 2024, 04:23 PM

Researchers have identified an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware. In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street. This attack, known as the 'Nearest Neighbor Attack,' involves compromising insecure networks within range of Wi-Fi networks at more valuable targets without leaving Russian soil. The method was hypothesized by AirEyeSecurity and is now observed in practice. Notably, Russian spies have also breached Wi-Fi networks in Washington before the invasion of Ukraine. This is the first observed case of the 'AntennaForHire attack.' Additionally, hackers executed a daisy chain attack to breach the Wi-Fi network of a U.S. firm from thousands of miles away.