The notice goes on to state that this activity has been reported to the USA and United Kingdom governments by "multiple sources", including private and public-sector cyber security research organisations and allies. If a device could be affected, an alert would pop up and inform the hacker about the make and model of open routers.
The hackers are using compromised routers to conduct man-in-the-middle attacks to support cyber espionage, steal intellectual property and maintain persistent access in victim networks for use in additional campaigns.
"We condemn this latest activity in the strongest possible terms and we will not accept nor tolerate any malign foreign cyber operations, intrusions, or compromises-to include influence operations", said Jeanette Manfra, the chief cybersecurity official at Homeland Security.
"It's a tremendous weapon in the hands of an adversary", echoed the FBI's Howard Marshall, the deputy assistant director of the cyber division.
"As long as this type of activity continues, the Federal Bureau of Investigation will be there to investigate, identify and unmask the perpetrators, in this case, the Russian government." he said.
Law enforcement and cyber security minister Angus Taylor said a "significant" number of organisations were targeted in the wide-ranging attack reported by the Australian Cyber Security Centre (ACSC).More news: Malaga vs Real Madrid: Zidane to drop Ronaldo for LaLiga clash
"The attribution of this malicious activity sends a clear message to Russian Federation - we know what you are doing and you will not succeed", the spokesman added.
For router owners, the technical alert advises that you immediately change any default passwords, and use different passwords across multiple devices.
The Russian attackers would scan across the internet for routers with vulnerabilities, according to the technical alert. One: continuing the pressure campaign on nations that exploit others on the Internet. In a media briefing ahead of the announcement, Rob Joyce, special assistant to the president and cybersecurity coordinator at the National Security Council, said there was "high confidence" Russian Federation was behind the attacks.
"This is the first time that in attributing a cyberattack to Russian Federation, the United States and the UK have, at the same time, issued joint advice to industry about how to manage the risks from attacks".
"The goal of these attacks could be espionage, it could be theft of intellectual property, it could be prepositioning for use in times of tension", NCSC Director Ciaran Martin said.
It was the two countries' first such joint alert.