Amazon disrupts Russian GRU hackers attacking edge network devices
The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers' cloud infrastructure. [...]
The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers' cloud infrastructure.
The cloud services provider observed a focus on Western critical infrastructure, especially the energy sector, in activity that started in 2021.
Related breach coverage
- Russian state hackers targeted Western critical infrastructure for years, Amazon says2025-12-17
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021–2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the […]
- UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks2026-04-07
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
- UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks2026-04-07
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
- Russian-speaking hackers used gen AI tools to compromise 600 firewalls, Amazon says2026-02-23
A Russian-speaking threat actor used commercial generative artificial intelligence tools to help compromise more than 600 FortiGate firewall devices across more than 55 countries earlier this year, researchers have found.