Russian government hackers have hijacked thousands of home and small business routers around the world, part of a campaign aimed at stealing their passwords and access tokens. This is part of the ongoing effort by the group known as Fancy Bear, or APT 28, known for its high-profile hacks and spying operations. The hackers targeted unpatched routers made by MicroTik and TP-Link using previously disclosed vulnerabilities. Researchers from the UK and UK revealed that the hackers were able to spy on large numbers of people over several years. They identified at least 18,000 victims in around 120 countries, including government departments, law enforcement agencies, and email providers across North Africa, Central America, and South-east Asia. The FBI is expected to announce the takedown of several domains used in this campaign.