SOHO router attack by APT28

A few weeks ago, one particular large-scale cyber-attack hit the mainstream news everywhere. The Russian cyber actor APT28 attacked SOHO routers and managed to compromise some credentials that way. The attack itself was carried out in multiple phases and was quite interesting. Let’s take a look at the individual steps: what happened, how it worked, and what could have been done to prevent this type of attack.