UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks

INDIA — By BharatSecure Threat Intelligence Team

Verdict: Suspicious | Risk Score: 9/10 | Severity: Critical

Category: phishing

Scam Intelligence: UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks

Proprietary signals from BharatSecure's scam-tracking database.

Last reported: Jun 10, 2026

How UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks Works

The UK has revealed that Russian military intelligence, specifically the APT28 group, is exploiting vulnerable edge devices to support their malicious cyber operations. A new advisory warns about these activities and urges organizations to take protective measures.

How This Scam Works — Detailed Explanation

The UK has exposed a disturbing campaign by Russian military intelligence, particularly the APT28 group, which is hijacking vulnerable routers and other edge devices to launch cyber attacks. These attacks often target businesses and government institutions, leveraging weak security protocols to infiltrate networks. Scammers exploit outdated hardware, unpatched firmware and human error, and take advantage of a general lack of cybersecurity awareness among users. In the Indian context, many organizations still use off-the-shelf routers that may lack robust security features, making them prime targets for these attacks.

Scammers use various tactics and psychological tricks to lure victims into falling for these cyber schemes. For instance, they may send phishing emails or messages that appear legitimate, urging users to click on malicious links or download infected attachments. Some might impersonate government agencies or well-known corporations. In India, these tactics can resonate deeply, especially when linked to popular platforms like Aadhaar or UPI, where individuals might be more inclined to click on links that claim to assist them with their digital IDs or financial transactions. Scammers may prey on fear, urgency, or the desire for rewards, utilizing social engineering tactics to trick individuals into compromising their personal information.

The consequences of these scams can be devastating. Once a victim’s router is compromised, the attackers can intercept sensitive information, such as UPI PINs, Aadhaar numbers, or banking credentials. For example, if a user receives a seemingly legitimate UPI payment notification, they might unwittingly provide sensitive details to the scammer's phishing site. Real-life scenarios include cases where individuals have reported losing thousands of rupees due to unauthorized transactions initiated from their compromised routers. Between 2020 and 2023, reports indicated that cybercrime in India resulted in losses exceeding ₹22,000 crore, with a significant portion attributed to phishing scams linked to compromised devices.

The impact of such attacks stretches far beyond individual losses. These cyber operations can lead to widespread data breaches and the theft of personal information, not only affecting individuals but also potentially jeopardizing the security of major corporations and government agencies. The Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI) have been proactive in issuing advisories and guidelines to enhance public awareness about cyber threats, urging citizens to remain vigilant. CERT-In has also released alerts specifying the signs of compromised edge devices, warning the public about the dangers of not updating their hardware and software regularly.

To differentiate between legitimate communications and potential scams, users should be proactive. Look for common indicators of phishing, such as unusual sender addresses or slight variations in domain names. Official communication from banks or government agencies will never ask for sensitive information like OTPs or passwords via email or SMS. Ensure that the links you click direct to authentic websites, particularly when making financial transactions or submitting personal information. Always double-check the URL, and when in doubt, reach out directly to your bank or service provider through official channels.

Who Does UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks Target?

General public across India

Red Flags — How to Identify UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks

  • Russian military intelligence
  • APT28
  • vulnerable routers
  • edge devices
  • cyber attacks
  • malicious operations

What To Do If You Encounter UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks

  1. Report any suspicious communication to the cybercrime helpline at 1930 or visit cybercrime.gov.in.
  2. Update your router firmware and change default passwords immediately to enhance security.
  3. Educate yourself about phishing tactics and common cyber scams to avoid falling victim.
  4. Verify all financial communications by contacting your banks directly at numbers like SBI 1800-11-1109 or HDFC 1800-202-6161.
  5. Regularly monitor your bank and UPI transactions for unauthorized activities.
  6. Use multi-factor authentication wherever possible for added security on sensitive accounts.

How to Report UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks in India

  • Call 1930 — National Cyber Crime Helpline (24x7)
  • File a complaint at cybercrime.gov.in
  • Contact your bank immediately if money was lost
  • Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a phishing scam?
Immediately contact your bank’s helpline (SBI 1800-11-1109 or HDFC 1800-202-6161) to secure your account and report the scam.

How can I identify if my router is compromised?
Look for unusual network activity, unexpected slowdowns, or unfamiliar devices connected to your network, and consider checking device logs if available.

How do I report this type of scam in India?
You can report cyber scams by calling the helpline at 1930 or visiting cybercrime.gov.in to file a complaint and obtain guidance.

What are the steps for recovering money or protecting accounts after this scam?
Contact your bank and inform them of the unauthorized transaction, change your passwords, and enable transaction alerts for future monitoring.
