IOC Radar
TLP:WHITE · 0 IOCs

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Microsoft Threat Intelligence
Published April 7, 2026

Threat Actors

Diamond Model

Adversary: APT28
Infrastructure: unknown
Capability: unknown
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

No IOCs extracted from this report.

IOC Relationship Graph

0 total IOCs · Actors: 1 (APT28)